CVE-2020-11858: Micro Focus Operations Bridge Manager Service Incorrect Permission Assignment Privilege Escalation Vulnerability
First published: Tue Oct 27 2020(Updated: )
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.
Credit: security@microfocus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenText Operations Bridge Manager | ||
| OpenText Operations Bridge Manager | =2017.11 | |
| OpenText Operations Bridge Manager | =2018.02 | |
| OpenText Operations Bridge Manager | =2018.05 | |
| OpenText Operations Bridge Manager | =2018.08 | |
| OpenText Operations Bridge Manager | =2018.11 | |
| OpenText Operations Bridge Manager | =2019.05 | |
| OpenText Operations Bridge Manager | =2019.08 | |
| OpenText Operations Bridge Manager | =2020.05 | |
| Micro Focus Operations Bridge Manager | <=10.10 | |
| Micro Focus Operations Bridge Manager | =10.11 | |
| Micro Focus Operations Bridge Manager | =10.12 | |
| Micro Focus Operations Bridge Manager | =10.60 | |
| Micro Focus Operations Bridge Manager | =10.61 | |
| Micro Focus Operations Bridge Manager | =10.62 | |
| Micro Focus Operations Bridge Manager | =10.63 | |
| Micro Focus Operations Bridge Manager | =2018.05 | |
| Micro Focus Operations Bridge Manager | =2018.11 | |
| Micro Focus Operations Bridge Manager | =2019.05 | |
| Micro Focus Operations Bridge Manager | =2019.11 | |
| Micro Focus Operations Bridge Manager | =2020.05 |
Remedy
For Operation Bridge Manager https://softwaresupport.softwaregrp.com/doc/KM03747658 For Operation Bridge (containerized) https://softwaresupport.softwaregrp.com/doc/KM03747854
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-11858.
What products are affected by this vulnerability?
Micro Focus Operations Bridge Manager and Operation Bridge (containerized) are affected by this vulnerability.
What is the severity of CVE-2020-11858?
CVE-2020-11858 has a severity level of high (7.8).
How can I exploit this vulnerability?
We do not provide information on how to exploit vulnerabilities. Please refer to official advisories and documentation for more information.
Is there a fix available for CVE-2020-11858?
Yes, patches and updates have been released to address the vulnerability. Please refer to the vendor's official advisories and documentation for the appropriate fixes.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/title
- agent/remedy
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-20-1326
- alias/ZDI-CAN-11204
- alias/CVE-2020-11858
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/micro focus
- canonical/opentext operations bridge manager
- vendor/microfocus
- version/opentext operations bridge manager/2017.11
- version/opentext operations bridge manager/2018.02
- version/opentext operations bridge manager/2018.05
- version/opentext operations bridge manager/2018.08
- version/opentext operations bridge manager/2018.11
- version/opentext operations bridge manager/2019.05
- version/opentext operations bridge manager/2019.08
- version/opentext operations bridge manager/2020.05
- canonical/micro focus operations bridge manager
- version/micro focus operations bridge manager/10.10
- version/micro focus operations bridge manager/10.11
- version/micro focus operations bridge manager/10.12
- version/micro focus operations bridge manager/10.60
- version/micro focus operations bridge manager/10.61
- version/micro focus operations bridge manager/10.62
- version/micro focus operations bridge manager/10.63
- version/micro focus operations bridge manager/2018.05
- version/micro focus operations bridge manager/2018.11
- version/micro focus operations bridge manager/2019.05
- version/micro focus operations bridge manager/2019.11
- version/micro focus operations bridge manager/2020.05