cnvd - cnvd-2021-11064

CNVD-2021-11064

Vulnerability from cnvd - Published: 2021-02-20

Title

Micro Focus Operations Bridge Reporter远程代码执行漏洞

Description

Micro Focus Operations Bridge Reporter (OBR)是一款IT报告软件，提供跨服务器、网络及应用程序环境的资源、事件和响应时间报告。 Micro Focus Operations Bridge Reporter 10.40版本存在远程代码执行漏洞。攻击者可利用该漏洞在OBR服务上执行代码。

Severity

高

Patch Name

Micro Focus Operations Bridge Reporter远程代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新：https://softwaresupport.softwaregrp.com/doc/KM03775947

Reference

https://nvd.nist.gov/vuln/detail/CVE-2021-22502

Impacted products

Name
Micro Focus Operation Bridge Reporter 10.40

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-22502",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-22502"
    }
  },
  "description": "Micro Focus Operations Bridge Reporter (OBR)\u662f\u4e00\u6b3eIT\u62a5\u544a\u8f6f\u4ef6\uff0c\u63d0\u4f9b\u8de8\u670d\u52a1\u5668\u3001\u7f51\u7edc\u53ca\u5e94\u7528\u7a0b\u5e8f\u73af\u5883\u7684\u8d44\u6e90\u3001\u4e8b\u4ef6\u548c\u54cd\u5e94\u65f6\u95f4\u62a5\u544a\u3002\n\nMicro Focus Operations Bridge Reporter 10.40\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728OBR\u670d\u52a1\u4e0a\u6267\u884c\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1ahttps://softwaresupport.softwaregrp.com/doc/KM03775947",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2021-11064",
  "openTime": "2021-02-20",
  "patchDescription": "Micro Focus Operations Bridge Reporter (OBR)\u662f\u4e00\u6b3eIT\u62a5\u544a\u8f6f\u4ef6\uff0c\u63d0\u4f9b\u8de8\u670d\u52a1\u5668\u3001\u7f51\u7edc\u53ca\u5e94\u7528\u7a0b\u5e8f\u73af\u5883\u7684\u8d44\u6e90\u3001\u4e8b\u4ef6\u548c\u54cd\u5e94\u65f6\u95f4\u62a5\u544a\u3002\r\n\r\nMicro Focus Operations Bridge Reporter 10.40\u7248\u672c\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728OBR\u670d\u52a1\u4e0a\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Micro Focus Operations Bridge Reporter\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Micro Focus Operation Bridge Reporter 10.40"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2021-22502",
  "serverity": "\u9ad8",
  "submitTime": "2021-02-09",
  "title": "Micro Focus Operations Bridge Reporter\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

CVE-2021-22502 (GCVE-0-2021-22502)

Vulnerability from cvelistv5 – Published: 2021-02-08 21:12 – Updated: 2025-10-21 23:35

Summary

Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server.

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Remote Code execution.

Assigner

microfocus

References

URL

Tags

	https://softwaresupport.softwaregrp.com/doc/KM03775947	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	https://www.zerodayinitiative.com/advisories/ZDI-…	x_refsource_MISC
	http://packetstormsecurity.com/files/162408/Micro…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Operation Bridge Reporter.	Affected: OBR 10.40

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:44:13.632Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/doc/KM03775947"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-153/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-154/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/162408/Micro-Focus-Operations-Bridge-Reporter-Unauthenticated-Command-Injection.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-22502",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T20:52:16.856649Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2021-11-03",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22502"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-78",
                "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:35:28.826Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22502"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2021-11-03T00:00:00+00:00",
            "value": "CVE-2021-22502 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Operation Bridge Reporter.",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "OBR 10.40"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code execution.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-04-30T16:06:24.000Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://softwaresupport.softwaregrp.com/doc/KM03775947"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-153/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-154/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/162408/Micro-Focus-Operations-Bridge-Reporter-Unauthenticated-Command-Injection.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2021-22502",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Operation Bridge Reporter.",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "OBR 10.40"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code execution."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://softwaresupport.softwaregrp.com/doc/KM03775947",
              "refsource": "MISC",
              "url": "https://softwaresupport.softwaregrp.com/doc/KM03775947"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-153/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-153/"
            },
            {
              "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-154/",
              "refsource": "MISC",
              "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-154/"
            },
            {
              "name": "http://packetstormsecurity.com/files/162408/Micro-Focus-Operations-Bridge-Reporter-Unauthenticated-Command-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/162408/Micro-Focus-Operations-Bridge-Reporter-Unauthenticated-Command-Injection.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2021-22502",
    "datePublished": "2021-02-08T21:12:35.000Z",
    "dateReserved": "2021-01-05T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:35:28.826Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2021-11064

CVE-2021-22502 (GCVE-0-2021-22502)

Tags

Sightings

Nomenclature