CVE-2020-11857: Micro Focus Operations Bridge Reporter shrboadmin Use of Hard-coded Credentials Remote Code Execution Vulnerability
First published: Tue Sep 22 2020(Updated: )
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user
Credit: security@microfocus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Micro Focus Operations Bridge Reporter | ||
| Microfocus Operation Bridge Reporter | >=10.00<=10.40 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-11857?
CVE-2020-11857 is a vulnerability that allows remote attackers to execute arbitrary code on affected installations of Micro Focus Operations Bridge Reporter.
Is authentication required to exploit CVE-2020-11857?
No, authentication is not required to exploit CVE-2020-11857.
What is the severity of CVE-2020-11857?
CVE-2020-11857 has a severity rating of critical with a CVSS score of 9.8.
How can I fix CVE-2020-11857?
To fix CVE-2020-11857, it is recommended to apply the patches or updates provided by Micro Focus.
Where can I find more information about CVE-2020-11857?
You can find more information about CVE-2020-11857 on the following references: [1] [2] [3]
- collector/zdi-advisory
- alias/ZDI-20-1215
- alias/ZDI-CAN-11075
- alias/CVE-2020-11857
- collector/nvd-index
- vendor/micro focus
- canonical/micro focus operations bridge reporter
- vendor/microfocus
- canonical/microfocus operation bridge reporter
- version/microfocus operation bridge reporter/10.00
- version/microfocus operation bridge reporter/10.40