What is the severity of CVE-2020-11853?

CVE-2020-11853 is classified as a critical vulnerability due to its potential for arbitrary code execution.

How do I fix CVE-2020-11853?

To remediate CVE-2020-11853, users should update their systems to the latest patched versions of the affected Micro Focus products.

What products are affected by CVE-2020-11853?

CVE-2020-11853 affects several Micro Focus products including Operation Bridge Manager and Application Performance Management across multiple versions.

What are the potential impacts of CVE-2020-11853?

Exploitation of CVE-2020-11853 could allow an attacker to execute arbitrary code on the affected systems.

Are there any workarounds for CVE-2020-11853?

While the best approach is to apply patches, temporarily limiting access to affected systems may serve as a workaround for CVE-2020-11853.

Vulnerability/
CVE-2020-11853

high

8.8

22/10/2020

4/8/2024

CVE-2020-11853: Arbitrary code execution vulnerability on multiple Micro Focus products

First published: Thu Oct 22 2020(Updated: )

Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3 3.) Data Center Automation affected version 2019.11 4.) Operations Bridge (containerized) affecting versions: 2019.11, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02, 2017.11 5.) Universal CMDB affecting version: 2020.05, 2019.11, 2019.05, 2019.02, 2018.11, 2018.08, 2018.05, 11, 10.33, 10.32, 10.31, 10.30 6.) Hybrid Cloud Management affecting version 2020.05 7.) Service Management Automation affecting version 2020.5 and 2020.02. The vulnerability could allow to execute arbitrary code.

Credit: security@microfocus.com

Affected Software	Affected Version	How to fix
Micro Focus Operations Bridge Manager	<=10.10
Micro Focus Operations Bridge Manager	=10.11
Micro Focus Operations Bridge Manager	=10.12
Micro Focus Operations Bridge Manager	=10.60
Micro Focus Operations Bridge Manager	=10.61
Micro Focus Operations Bridge Manager	=10.62
Micro Focus Operations Bridge Manager	=10.63
Micro Focus Operations Bridge Manager	=2017.11
Micro Focus Operations Bridge Manager	=2018.02
Micro Focus Operations Bridge Manager	=2018.05
Micro Focus Operations Bridge Manager	=2018.08
Micro Focus Operations Bridge Manager	=2018.11
Micro Focus Operations Bridge Manager	=2019.05
Micro Focus Operations Bridge Manager	=2019.08
Micro Focus Operations Bridge Manager	=2019.11
Micro Focus Operations Bridge Manager	=2020.05
HP Universal CMDB Foundation	=10.20
HP Universal CMDB Foundation	=10.30
HP Universal CMDB Foundation	=10.31
HP Universal CMDB Foundation	=10.32
HP Universal CMDB Foundation	=10.33
HP Universal CMDB Foundation	=11.0
HP Universal CMDB Foundation	=2018.05
HP Universal CMDB Foundation	=2018.08
HP Universal CMDB Foundation	=2018.11
HP Universal CMDB Foundation	=2019.02
HP Universal CMDB Foundation	=2019.05
HP Universal CMDB Foundation	=2019.11
HP Universal CMDB Foundation	=2020.05.
Microfocus Application Performance Management	=9.40
Microfocus Application Performance Management	=9.50
Microfocus Application Performance Management	=9.51
Microfocus Data Center Automation	<=2019.11
Microfocus Hybrid Cloud Management	>=2018.05<=2020.05
Micro Focus Service Manager Automation	=2020.02
Micro Focus Service Manager Automation	=2020.05

Remedy

For Operation Bridge Manager https://softwaresupport.softwaregrp.com/doc/KM03747658 For Application Performance Management https://softwaresupport.softwaregrp.com/doc/KM03747657 For Data Center Automation https://softwaresupport.softwaregrp.com/doc/KM03749879 For Operation Bridge (containerized) https://softwaresupport.softwaregrp.com/doc/KM03747854 For Hybrid Cloud Management https://softwaresupport.softwaregrp.com/doc/KM03747949 For Universal CMDB https://softwaresupport.softwaregrp.com/doc/KM03747948 For Service Management Automation https://softwaresupport.softwaregrp.com/doc/KM03747950

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-11853?
CVE-2020-11853 is classified as a critical vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2020-11853?
To remediate CVE-2020-11853, users should update their systems to the latest patched versions of the affected Micro Focus products.
What products are affected by CVE-2020-11853?
CVE-2020-11853 affects several Micro Focus products including Operation Bridge Manager and Application Performance Management across multiple versions.
What are the potential impacts of CVE-2020-11853?
Exploitation of CVE-2020-11853 could allow an attacker to execute arbitrary code on the affected systems.
Are there any workarounds for CVE-2020-11853?
While the best approach is to apply patches, temporarily limiting access to affected systems may serve as a workaround for CVE-2020-11853.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/title
agent/remedy
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/microfocus
canonical/micro focus operations bridge manager
version/micro focus operations bridge manager/10.10
version/micro focus operations bridge manager/10.11
version/micro focus operations bridge manager/10.12
version/micro focus operations bridge manager/10.60
version/micro focus operations bridge manager/10.61
version/micro focus operations bridge manager/10.62
version/micro focus operations bridge manager/10.63
version/micro focus operations bridge manager/2017.11
version/micro focus operations bridge manager/2018.02
version/micro focus operations bridge manager/2018.05
version/micro focus operations bridge manager/2018.08
version/micro focus operations bridge manager/2018.11
version/micro focus operations bridge manager/2019.05
version/micro focus operations bridge manager/2019.08
version/micro focus operations bridge manager/2019.11
version/micro focus operations bridge manager/2020.05
vendor/hp
canonical/hp universal cmdb foundation
version/hp universal cmdb foundation/10.20
version/hp universal cmdb foundation/10.30
version/hp universal cmdb foundation/10.31
version/hp universal cmdb foundation/10.32
version/hp universal cmdb foundation/10.33
version/hp universal cmdb foundation/11.0
version/hp universal cmdb foundation/2018.05
version/hp universal cmdb foundation/2018.08
version/hp universal cmdb foundation/2018.11
version/hp universal cmdb foundation/2019.02
version/hp universal cmdb foundation/2019.05
version/hp universal cmdb foundation/2019.11
version/hp universal cmdb foundation/2020.05.
canonical/microfocus application performance management
version/microfocus application performance management/9.40
version/microfocus application performance management/9.50
version/microfocus application performance management/9.51
canonical/microfocus data center automation
version/microfocus data center automation/2019.11
canonical/microfocus hybrid cloud management
version/microfocus hybrid cloud management/2018.05
version/microfocus hybrid cloud management/2020.05
canonical/micro focus service manager automation
version/micro focus service manager automation/2020.02
version/micro focus service manager automation/2020.05