First published: Wed Aug 07 2019(Updated: )
Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request.
Credit: security@microfocus.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microfocus Content Manager | =9.1.0-patch6_hotfix1 | |
Microfocus Content Manager | =9.1.0-patch6_hotfix2 | |
Microfocus Content Manager | =9.1.0-patch6_hotfix3 | |
Microfocus Content Manager | =9.1.0-patch6_hotfix4 | |
Microfocus Content Manager | =9.1.0-patch6_hotfix5 | |
Microfocus Content Manager | =9.2.0-patch3_hotfix1 | |
Microfocus Content Manager | =9.3.0-patch2_hotfix1 | |
Microfocus Content Manager | =9.3.0-patch2_hotfix2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-11653 has a medium severity rating as it allows unauthorized data manipulation.
To fix CVE-2019-11653, it is recommended to apply the latest patches or hotfixes provided by Micro Focus for affected versions.
CVE-2019-11653 affects Micro Focus Content Manager versions 9.1, 9.2, and 9.3, specifically with certain hotfixes.
CVE-2019-11653 enables a remote access control bypass, allowing manipulation of data during user CheckIn requests.
Not all users will be affected; only those using vulnerable versions and specific hotfixes are at risk from CVE-2019-11653.