CVE-2020-9518
First published: Mon Mar 16 2020(Updated: )
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
Credit: security@microfocus.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP Service Manager | >=9.50<=9.62 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-9518?
CVE-2020-9518 has a high severity rating as it allows unauthorized access to sensitive configuration files.
How do I fix CVE-2020-9518?
To fix CVE-2020-9518, upgrade Micro Focus Service Manager to a version beyond 9.62 that addresses this vulnerability.
What versions of Micro Focus Service Manager are affected by CVE-2020-9518?
CVE-2020-9518 affects Micro Focus Service Manager versions 9.50 through 9.62.
What type of data is exposed in CVE-2020-9518?
CVE-2020-9518 exposes configuration data that could lead to unauthorized access.
Is there a workaround for CVE-2020-9518?
While upgrading is the recommended solution, implementing strict access controls can serve as a temporary workaround for CVE-2020-9518.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microfocus
- canonical/hp service manager
- version/hp service manager/9.50
- version/hp service manager/9.62