Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Solutions Business Manager (SBM) by Micro Focus

    CVE-2018-19644 (GCVE-0-2018-19644)

    Vulnerability from nvd – Published: 2019-03-27 17:07 – Updated: 2024-09-17 01:30
    VLAI
    Title
    Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5
    Summary
    Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • reflected cross site script
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.589Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "reflected cross site script",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:37.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19644",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "reflected cross site script"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19644",
        "datePublished": "2019-03-27T17:07:17.697Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:52.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19643 (GCVE-0-2018-19643)

    Vulnerability from nvd – Published: 2019-03-27 17:13 – Updated: 2024-09-17 02:56
    VLAI
    Title
    Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5
    Summary
    Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • Information Leakage
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.620Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:25.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19643",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19643",
        "datePublished": "2019-03-27T17:13:45.549Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:56:35.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19642 (GCVE-0-2018-19642)

    Vulnerability from nvd – Published: 2019-03-27 16:55 – Updated: 2024-09-17 00:06
    VLAI
    Title
    Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5
    Summary
    Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:20.177Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:54.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19642",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19642",
        "datePublished": "2019-03-27T16:55:13.340Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:06:25.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19641 (GCVE-0-2018-19641)

    Vulnerability from nvd – Published: 2019-03-27 16:42 – Updated: 2024-09-16 17:47
    VLAI
    Title
    Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5
    Summary
    Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • Unauthenticated remote code execution
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:20.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Unauthenticated remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:52.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19641",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Unauthenticated remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "advisory": "",
              "defect": [],
              "discovery": "EXTERNAL"
            },
            "work_around": []
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19641",
        "datePublished": "2019-03-27T16:42:08.179Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:47:50.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19643 (GCVE-0-2018-19643)

    Vulnerability from cvelistv5 – Published: 2019-03-27 17:13 – Updated: 2024-09-17 02:56
    VLAI
    Title
    Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5
    Summary
    Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • Information Leakage
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.620Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Information Leakage",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:25.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19643",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Information Leakage issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Information Leakage"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19643",
        "datePublished": "2019-03-27T17:13:45.549Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:56:35.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19644 (GCVE-0-2018-19644)

    Vulnerability from cvelistv5 – Published: 2019-03-27 17:07 – Updated: 2024-09-17 01:30
    VLAI
    Title
    Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5
    Summary
    Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • reflected cross site script
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:19.589Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "reflected cross site script",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:37.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19644",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "reflected cross site script"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19644",
        "datePublished": "2019-03-27T17:07:17.697Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:30:52.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19642 (GCVE-0-2018-19642)

    Vulnerability from cvelistv5 – Published: 2019-03-27 16:55 – Updated: 2024-09-17 00:06
    VLAI
    Title
    Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5
    Summary
    Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • denial of service
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:20.177Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "denial of service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:54.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19642",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Denial of Service issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "denial of service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19642",
        "datePublished": "2019-03-27T16:55:13.340Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:06:25.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19641 (GCVE-0-2018-19641)

    Vulnerability from cvelistv5 – Published: 2019-03-27 16:42 – Updated: 2024-09-16 17:47
    VLAI
    Title
    Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5
    Summary
    Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
    CWE
    • Unauthenticated remote code execution
    Assigner
    References
    Impacted products
    Date Public
    2019-01-23 00:00
    Credits
    Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:44:20.199Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Solutions Business Manager (SBM)",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 11.5"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
            }
          ],
          "datePublic": "2019-01-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Unauthenticated remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:15:52.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5",
          "x_generator": {
            "engine": "Vulnogram 0.0.5"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "AKA": "",
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2019-01-23T01:00:00.000Z",
              "ID": "CVE-2018-19641",
              "STATE": "PUBLIC",
              "TITLE": "Solutions Business Manager (SBM) Unauthenticated remote code execution issue in version prior to 11.5"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Solutions Business Manager (SBM)",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "\u003c 11.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "configuration": [],
            "credit": [
              {
                "lang": "eng",
                "value": "Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5."
                }
              ]
            },
            "exploit": [],
            "generator": {
              "engine": "Vulnogram 0.0.5"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Unauthenticated remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm",
                  "refsource": "CONFIRM",
                  "url": "http://help.serena.com/doc_center/sbm/ver11_5/sbm_release_notes.htm"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Upgrade to Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) 11.5"
              }
            ],
            "source": {
              "advisory": "",
              "defect": [],
              "discovery": "EXTERNAL"
            },
            "work_around": []
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-19641",
        "datePublished": "2019-03-27T16:42:08.179Z",
        "dateReserved": "2018-11-28T00:00:00.000Z",
        "dateUpdated": "2024-09-16T17:47:50.052Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }