Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for UCMDB Configuration Management Service by Micro Focus

    CVE-2018-18593 (GCVE-0-2018-18593)

    Vulnerability from nvd – Published: 2018-12-31 15:00 – Updated: 2024-09-16 18:09
    VLAI
    Title
    MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities
    Summary
    Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
    CWE
    • Remote Directory Traversal and Remote Disclosure of Privileged Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus UCMDB Configuration Management Service Affected: 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11
    Create a notification for this product.
    Date Public
    2018-12-31 00:00
    Credits
    Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:15:59.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106374"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "UCMDB Configuration Management Service",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com."
            }
          ],
          "datePublic": "2018-12-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Directory Traversal and Remote Disclosure of Privileged Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:16:02.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "106374",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106374"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2018-12-31T13:16:00.000Z",
              "ID": "CVE-2018-18593",
              "STATE": "PUBLIC",
              "TITLE": "MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "UCMDB Configuration Management Service",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information"
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
              }
            ],
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106374",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106374"
                },
                {
                  "name": "https://softwaresupport.softwaregrp.com/doc/KM03309650",
                  "refsource": "MISC",
                  "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-18593",
        "datePublished": "2018-12-31T15:00:00.000Z",
        "dateReserved": "2018-10-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:09:18.629Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-18593 (GCVE-0-2018-18593)

    Vulnerability from cvelistv5 – Published: 2018-12-31 15:00 – Updated: 2024-09-16 18:09
    VLAI
    Title
    MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities
    Summary
    Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
    CWE
    • Remote Directory Traversal and Remote Disclosure of Privileged Information
    Assigner
    References
    Impacted products
    Vendor Product Version
    Micro Focus UCMDB Configuration Management Service Affected: 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11
    Create a notification for this product.
    Date Public
    2018-12-31 00:00
    Credits
    Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:15:59.681Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "106374",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/106374"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "UCMDB Configuration Management Service",
              "vendor": "Micro Focus",
              "versions": [
                {
                  "status": "affected",
                  "version": "10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com."
            }
          ],
          "datePublic": "2018-12-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information"
            }
          ],
          "exploits": [
            {
              "lang": "en",
              "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Directory Traversal and Remote Disclosure of Privileged Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-01-06T16:16:02.000Z",
            "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
            "shortName": "microfocus"
          },
          "references": [
            {
              "name": "106374",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/106374"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities",
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@microfocus.com",
              "DATE_PUBLIC": "2018-12-31T13:16:00.000Z",
              "ID": "CVE-2018-18593",
              "STATE": "PUBLIC",
              "TITLE": "MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "UCMDB Configuration Management Service",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Micro Focus"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Micro Focus would like to thank Bahadir Pektas and Emre Ilbeyoglu for reporting this issue to security@microfocus.com."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information"
                }
              ]
            },
            "exploit": [
              {
                "lang": "en",
                "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
              }
            ],
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Directory Traversal and Remote Disclosure of Privileged Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "106374",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/106374"
                },
                {
                  "name": "https://softwaresupport.softwaregrp.com/doc/KM03309650",
                  "refsource": "MISC",
                  "url": "https://softwaresupport.softwaregrp.com/doc/KM03309650"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "assignerShortName": "microfocus",
        "cveId": "CVE-2018-18593",
        "datePublished": "2018-12-31T15:00:00.000Z",
        "dateReserved": "2018-10-23T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:09:18.629Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }