cvelistv5 - cve-2018-6498

CVE-2018-6498 (GCVE-0-2018-6498)

Vulnerability from cvelistv5 – Published: 2018-08-30 21:00 – Updated: 2024-09-17 01:11

Summary

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.

Severity ?

8.8 (High)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H

CWE

Remote Code Execution

Assigner

microfocus

References

URL

Tags

	https://softwaresupport.softwaregrp.com/document/…	x_refsource_CONFIRM
	https://softwaresupport.softwaregrp.com/document/…	x_refsource_CONFIRM
	https://softwaresupport.softwaregrp.com/document/…	x_refsource_CONFIRM
	https://softwaresupport.softwaregrp.com/document/…	x_refsource_CONFIRM
	https://softwaresupport.softwaregrp.com/document/…	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Micro Focus

Network Operations Management (NOM) Suite CDF

Affected: 2017.11, 2018.02, 2018.05

Micro Focus	Service Management Automation Suite	Affected: 2017.11, 2018.02, 2018.05
Micro Focus	Data Center Automation Containerized Suite	Affected: 2017.01 until 2018.05
Micro Focus	Operations Bridge Containerized Suite	Affected: 2017.11, 2018.02, 2018.05
Micro Focus	Hybrid Cloud Management Containerized Suite	Affected: HCM2017.11, HCM2018.02, HCM2018.05

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:01:49.095Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Network Operations Management (NOM) Suite CDF",
          "vendor": "Micro Focus",
          "versions": [
            {
              "status": "affected",
              "version": "2017.11, 2018.02, 2018.05"
            }
          ]
        },
        {
          "product": "Service Management Automation Suite",
          "vendor": "Micro Focus",
          "versions": [
            {
              "status": "affected",
              "version": "2017.11, 2018.02, 2018.05"
            }
          ]
        },
        {
          "product": "Data Center Automation Containerized Suite",
          "vendor": "Micro Focus",
          "versions": [
            {
              "status": "affected",
              "version": "2017.01 until 2018.05"
            }
          ]
        },
        {
          "product": "Operations Bridge Containerized Suite",
          "vendor": "Micro Focus",
          "versions": [
            {
              "status": "affected",
              "version": "2017.11, 2018.02, 2018.05"
            }
          ]
        },
        {
          "product": "Hybrid Cloud Management Containerized Suite",
          "vendor": "Micro Focus",
          "versions": [
            {
              "status": "affected",
              "version": "HCM2017.11, HCM2018.02, HCM2018.05"
            }
          ]
        }
      ],
      "datePublic": "2018-08-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Remote Code Execution"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Remote Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-01-06T16:15:27",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Micro Focus Container Deployment Foundation (CDF), Remote Code Execution",
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "DATE_PUBLIC": "2018-08-30T17:00:00.000Z",
          "ID": "CVE-2018-6498",
          "STATE": "PUBLIC",
          "TITLE": "Micro Focus Container Deployment Foundation (CDF), Remote Code Execution"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Network Operations Management (NOM) Suite CDF",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2017.11, 2018.02, 2018.05"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Service Management Automation Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2017.11, 2018.02, 2018.05"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Data Center Automation Containerized Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2017.01 until 2018.05"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Operations Bridge Containerized Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "2017.11, 2018.02, 2018.05"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Hybrid Cloud Management Containerized Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "HCM2017.11, HCM2018.02, HCM2018.05"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Micro Focus"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Remote Code Execution"
          }
        ],
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667",
              "refsource": "CONFIRM",
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669",
              "refsource": "CONFIRM",
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725",
              "refsource": "CONFIRM",
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632",
              "refsource": "CONFIRM",
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678",
              "refsource": "CONFIRM",
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2018-6498",
    "datePublished": "2018-08-30T21:00:00Z",
    "dateReserved": "2018-02-01T00:00:00",
    "dateUpdated": "2024-09-17T01:11:00.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2017.01:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8CBD371-84AA-45F2-B53C-FF2F94316FDF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2017.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1FA57EDB-69A7-439A-886A-06E844A45CFB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2017.08:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7E861D6-7812-4190-A3C1-F338D544123E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2017.09:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA11555-95A4-4086-9C67-CA4C92EA4D0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2017.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"008EA036-C58F-4B01-AEAD-3E8E79304A68\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2018.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34E310E2-2F0F-4942-A7CD-61616D366824\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:data_center_automation:2018.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1CA1EEE-301A-4DB1-ACE6-A8DC7FF101C7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"EC84CBAE-0AB4-4405-8423-A221E3BABCA4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:ultimate:*:*:*\", \"matchCriteriaId\": \"28F73BBD-DA6B-42A5-BDC9-F8832E475B03\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"E52C4EA5-AE1E-476E-9AAF-FB8A6D34658A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:ultimate:*:*:*\", \"matchCriteriaId\": \"69087F9D-D5F1-462C-8264-13DBCF50474C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"5686CFAC-0091-4B98-9654-359AC77343EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:ultimate:*:*:*\", \"matchCriteriaId\": \"C7E8812B-28DC-4F66-B395-73AF00E57113\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:network_operations_management:2017.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E21E1238-6D5F-4AA5-8FE4-B818D0DBF6C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:network_operations_management:2018.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA8F1189-19DF-43EB-9B35-61720EE11357\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:network_operations_management:2018.05:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"DF75B30C-1E8D-462E-A30A-9C17EF0B7CE7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:operations_bridge:2017.11:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"34099595-3D44-4B10-AA42-5A6DC9B82F25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:operations_bridge:2018.02:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"2D4D7844-FA36-4C63-8AD6-C40F81134DBC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:operations_bridge:2018.05:*:*:*:premium:*:*:*\", \"matchCriteriaId\": \"78756DED-D384-4F7F-99C3-6BC6293B1D28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:service_management_automation:2017.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5166B660-88F2-437B-96DA-F7E44E6AE9A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DCFB2E7-D769-4365-9B99-952907563749\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3909E337-F1FC-45C8-A120-EEBDBFB0E4D0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.\"}, {\"lang\": \"es\", \"value\": \"Ejecuci\\u00f3n remota de c\\u00f3digo en los siguientes productos: Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05; Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05; Data Center Automation Containerized Suite 2017.01 hasta la versi\\u00f3n 2018.05; Service Management Automation Suite 2017.11, 2018.02, 2018.05 y Network Operations Management (NOM) Suite CDF 2017.11, 2018.02 y 2018.05 permitir\\u00e1 la ejecuci\\u00f3n remota de c\\u00f3digo.\"}]",
      "id": "CVE-2018-6498",
      "lastModified": "2024-11-21T04:10:46.813",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"security@opentext.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.3}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-08-30T21:29:00.267",
      "references": "[{\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725\", \"source\": \"security@opentext.com\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security@opentext.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-94\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6498\",\"sourceIdentifier\":\"security@opentext.com\",\"published\":\"2018-08-30T21:29:00.267\",\"lastModified\":\"2024-11-21T04:10:46.813\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.\"},{\"lang\":\"es\",\"value\":\"Ejecuci\u00f3n remota de c\u00f3digo en los siguientes productos: Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05; Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05; Data Center Automation Containerized Suite 2017.01 hasta la versi\u00f3n 2018.05; Service Management Automation Suite 2017.11, 2018.02, 2018.05 y Network Operations Management (NOM) Suite CDF 2017.11, 2018.02 y 2018.05 permitir\u00e1 la ejecuci\u00f3n remota de c\u00f3digo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"security@opentext.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.3},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2017.01:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8CBD371-84AA-45F2-B53C-FF2F94316FDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2017.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FA57EDB-69A7-439A-886A-06E844A45CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2017.08:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7E861D6-7812-4190-A3C1-F338D544123E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2017.09:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA11555-95A4-4086-9C67-CA4C92EA4D0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2017.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"008EA036-C58F-4B01-AEAD-3E8E79304A68\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2018.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E310E2-2F0F-4942-A7CD-61616D366824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:data_center_automation:2018.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1CA1EEE-301A-4DB1-ACE6-A8DC7FF101C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"EC84CBAE-0AB4-4405-8423-A221E3BABCA4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:ultimate:*:*:*\",\"matchCriteriaId\":\"28F73BBD-DA6B-42A5-BDC9-F8832E475B03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"E52C4EA5-AE1E-476E-9AAF-FB8A6D34658A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:ultimate:*:*:*\",\"matchCriteriaId\":\"69087F9D-D5F1-462C-8264-13DBCF50474C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"5686CFAC-0091-4B98-9654-359AC77343EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:ultimate:*:*:*\",\"matchCriteriaId\":\"C7E8812B-28DC-4F66-B395-73AF00E57113\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:network_operations_management:2017.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E21E1238-6D5F-4AA5-8FE4-B818D0DBF6C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:network_operations_management:2018.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA8F1189-19DF-43EB-9B35-61720EE11357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:network_operations_management:2018.05:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"DF75B30C-1E8D-462E-A30A-9C17EF0B7CE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:operations_bridge:2017.11:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"34099595-3D44-4B10-AA42-5A6DC9B82F25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:operations_bridge:2018.02:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"2D4D7844-FA36-4C63-8AD6-C40F81134DBC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:operations_bridge:2018.05:*:*:*:premium:*:*:*\",\"matchCriteriaId\":\"78756DED-D384-4F7F-99C3-6BC6293B1D28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2017.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5166B660-88F2-437B-96DA-F7E44E6AE9A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DCFB2E7-D769-4365-9B99-952907563749\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3909E337-F1FC-45C8-A120-EEBDBFB0E4D0\"}]}]}],\"references\":[{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632\",\"source\":\"security@opentext.com\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667\",\"source\":\"security@opentext.com\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669\",\"source\":\"security@opentext.com\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678\",\"source\":\"security@opentext.com\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725\",\"source\":\"security@opentext.com\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

CNVD-2018-17414

Vulnerability from cnvd - Published: 2018-09-04

Title

多款Micro Focus产品代码执行漏洞

Description

Micro Focus Hybrid Cloud Management Containerized Suite等都是英国Micro Focus公司的产品。Micro Focus Hybrid Cloud Management Containerized Suite是一款混合云管理容器化套件。Operations Bridge Containerized Suite是一套容器式IT运维监控解决方案。多款Micro Focus产品中存在代码执行漏洞。远程攻击者可利用该漏洞执行代码。

Severity

高

Patch Name

多款Micro Focus产品代码执行漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632

Reference

https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632

Impacted products

Name
['Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2017.11', 'Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.02', 'Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.05', 'Micro Focus Operations Bridge Containerized Suite 2017.11', 'Micro Focus Operations Bridge Containerized Suite 2018.02', 'Micro Focus Operations Bridge Containerized Suite 2018.05', 'Micro Focus Data Center Automation Containerized Suit >=2017.01，<=2018.05', 'Micro Focus Service Management Automation Suite 2017.11', 'Micro Focus Service Management Automation Suite 2018.02', 'Micro Focus Service Management Automation Suite 2018.05', 'Micro Focus Network Operations Management (NOM) Suite CDF 2017.11', 'Micro Focus Network Operations Management (NOM) Suite CDF 2018.02', 'Micro Focus Network Operations Management (NOM) Suite CDF 2018.05']

Name

['Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2017.11', 'Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.02', 'Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.05', 'Micro Focus Operations Bridge Containerized Suite 2017.11', 'Micro Focus Operations Bridge Containerized Suite 2018.02', 'Micro Focus Operations Bridge Containerized Suite 2018.05', 'Micro Focus Data Center Automation Containerized Suit >=2017.01，<=2018.05', 'Micro Focus Service Management Automation Suite 2017.11', 'Micro Focus Service Management Automation Suite 2018.02', 'Micro Focus Service Management Automation Suite 2018.05', 'Micro Focus Network Operations Management (NOM) Suite CDF 2017.11', 'Micro Focus Network Operations Management (NOM) Suite CDF 2018.02', 'Micro Focus Network Operations Management (NOM) Suite CDF 2018.05']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-6498"
    }
  },
  "description": "Micro Focus Hybrid Cloud Management Containerized Suite\u7b49\u90fd\u662f\u82f1\u56fdMicro Focus\u516c\u53f8\u7684\u4ea7\u54c1\u3002Micro Focus Hybrid Cloud Management Containerized Suite\u662f\u4e00\u6b3e\u6df7\u5408\u4e91\u7ba1\u7406\u5bb9\u5668\u5316\u5957\u4ef6\u3002Operations Bridge Containerized Suite\u662f\u4e00\u5957\u5bb9\u5668\u5f0fIT\u8fd0\u7ef4\u76d1\u63a7\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eMicro Focus\u4ea7\u54c1\u4e2d\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "unknown",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-17414",
  "openTime": "2018-09-04",
  "patchDescription": "Micro Focus Hybrid Cloud Management Containerized Suite\u7b49\u90fd\u662f\u82f1\u56fdMicro Focus\u516c\u53f8\u7684\u4ea7\u54c1\u3002Micro Focus Hybrid Cloud Management Containerized Suite\u662f\u4e00\u6b3e\u6df7\u5408\u4e91\u7ba1\u7406\u5bb9\u5668\u5316\u5957\u4ef6\u3002Operations Bridge Containerized Suite\u662f\u4e00\u5957\u5bb9\u5668\u5f0fIT\u8fd0\u7ef4\u76d1\u63a7\u89e3\u51b3\u65b9\u6848\u3002\r\n\r\n\u591a\u6b3eMicro Focus\u4ea7\u54c1\u4e2d\u5b58\u5728\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eMicro Focus\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2017.11",
      "Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.02",
      "Micro Focus Micro Focus Hybrid Cloud Management Containerized Suite HCM2018.05",
      "Micro Focus Operations Bridge Containerized Suite 2017.11",
      "Micro Focus Operations Bridge Containerized Suite 2018.02",
      "Micro Focus Operations Bridge Containerized Suite 2018.05",
      "Micro Focus Data Center Automation Containerized Suit \u003e=2017.01\uff0c\u003c=2018.05",
      "Micro Focus Service Management Automation Suite 2017.11",
      "Micro Focus Service Management Automation Suite 2018.02",
      "Micro Focus Service Management Automation Suite 2018.05",
      "Micro Focus Network Operations Management (NOM) Suite CDF 2017.11",
      "Micro Focus Network Operations Management (NOM) Suite CDF 2018.02",
      "Micro Focus Network Operations Management (NOM) Suite CDF 2018.05"
    ]
  },
  "referenceLink": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632",
  "serverity": "\u9ad8",
  "submitTime": "2018-09-03",
  "title": "\u591a\u6b3eMicro Focus\u4ea7\u54c1\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

GHSA-F2FQ-RHR2-2J8M

Vulnerability from github – Published: 2022-05-13 01:32 – Updated: 2022-05-13 01:32

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-6498"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-08-30T21:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.",
  "id": "GHSA-f2fq-rhr2-2j8m",
  "modified": "2022-05-13T01:32:00Z",
  "published": "2022-05-13T01:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6498"
    },
    {
      "type": "WEB",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
    },
    {
      "type": "WEB",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
    },
    {
      "type": "WEB",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
    },
    {
      "type": "WEB",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
    },
    {
      "type": "WEB",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-6498

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-6498

Aliases

CVE-2018-6498

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-6498",
    "description": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.",
    "id": "GSD-2018-6498"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-6498"
      ],
      "details": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.",
      "id": "GSD-2018-6498",
      "modified": "2023-12-13T01:22:35.791936Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@microfocus.com",
        "DATE_PUBLIC": "2018-08-30T17:00:00.000Z",
        "ID": "CVE-2018-6498",
        "STATE": "PUBLIC",
        "TITLE": "Micro Focus Container Deployment Foundation (CDF), Remote Code Execution"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": " Network Operations Management (NOM) Suite CDF",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2017.11, 2018.02, 2018.05"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Service Management Automation Suite ",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2017.11, 2018.02, 2018.05"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Data Center Automation Containerized Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2017.01 until 2018.05"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Operations Bridge Containerized Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "2017.11, 2018.02, 2018.05"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Hybrid Cloud Management Containerized Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "HCM2017.11, HCM2018.02, HCM2018.05"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Micro Focus"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Remote Code Execution"
        }
      ],
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667",
            "refsource": "CONFIRM",
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
          },
          {
            "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669",
            "refsource": "CONFIRM",
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
          },
          {
            "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725",
            "refsource": "CONFIRM",
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
          },
          {
            "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632",
            "refsource": "CONFIRM",
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
          },
          {
            "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678",
            "refsource": "CONFIRM",
            "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:operations_bridge:2017.11:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:operations_bridge:2018.02:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:operations_bridge:2018.05:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2017.08:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:ultimate:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:ultimate:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:network_operations_management:2018.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2017.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2018.02:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2018.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2017.01:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:network_operations_management:2017.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:network_operations_management:2018.05:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2017.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:data_center_automation:2017.09:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:premium:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:ultimate:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microfocus:service_management_automation:2017.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "ID": "CVE-2018-6498"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
            },
            {
              "name": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-10-09T23:41Z",
      "publishedDate": "2018-08-30T21:29Z"
    }
  }
}

FKIE_CVE-2018-6498

Vulnerability from fkie_nvd - Published: 2018-08-30 21:29 - Updated: 2024-11-21 04:10

Severity ?

8.8 (High) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security@opentext.com	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632
	security@opentext.com	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667
	security@opentext.com	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669
	security@opentext.com	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678
	security@opentext.com	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725
	af854a3a-2127-422b-91ae-364da2661108	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632
	af854a3a-2127-422b-91ae-364da2661108	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667
	af854a3a-2127-422b-91ae-364da2661108	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669
	af854a3a-2127-422b-91ae-364da2661108	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678
	af854a3a-2127-422b-91ae-364da2661108	https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725

Impacted products

Vendor	Product	Version
microfocus	data_center_automation	2017.01
microfocus	data_center_automation	2017.05
microfocus	data_center_automation	2017.08
microfocus	data_center_automation	2017.09
microfocus	data_center_automation	2017.11
microfocus	data_center_automation	2018.02
microfocus	data_center_automation	2018.05
microfocus	hybrid_cloud_management	2017.11
microfocus	hybrid_cloud_management	2017.11
microfocus	hybrid_cloud_management	2018.02
microfocus	hybrid_cloud_management	2018.02
microfocus	hybrid_cloud_management	2018.05
microfocus	hybrid_cloud_management	2018.05
microfocus	network_operations_management	2017.11
microfocus	network_operations_management	2018.02
microfocus	network_operations_management	2018.05
microfocus	operations_bridge	2017.11
microfocus	operations_bridge	2018.02
microfocus	operations_bridge	2018.05
microfocus	service_management_automation	2017.11
microfocus	service_management_automation	2018.02
microfocus	service_management_automation	2018.05

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2017.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8CBD371-84AA-45F2-B53C-FF2F94316FDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2017.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA57EDB-69A7-439A-886A-06E844A45CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2017.08:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7E861D6-7812-4190-A3C1-F338D544123E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2017.09:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA11555-95A4-4086-9C67-CA4C92EA4D0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2017.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "008EA036-C58F-4B01-AEAD-3E8E79304A68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2018.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E310E2-2F0F-4942-A7CD-61616D366824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:data_center_automation:2018.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1CA1EEE-301A-4DB1-ACE6-A8DC7FF101C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:premium:*:*:*",
              "matchCriteriaId": "EC84CBAE-0AB4-4405-8423-A221E3BABCA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2017.11:*:*:*:ultimate:*:*:*",
              "matchCriteriaId": "28F73BBD-DA6B-42A5-BDC9-F8832E475B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:premium:*:*:*",
              "matchCriteriaId": "E52C4EA5-AE1E-476E-9AAF-FB8A6D34658A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.02:*:*:*:ultimate:*:*:*",
              "matchCriteriaId": "69087F9D-D5F1-462C-8264-13DBCF50474C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:premium:*:*:*",
              "matchCriteriaId": "5686CFAC-0091-4B98-9654-359AC77343EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:hybrid_cloud_management:2018.05:*:*:*:ultimate:*:*:*",
              "matchCriteriaId": "C7E8812B-28DC-4F66-B395-73AF00E57113",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:network_operations_management:2017.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "E21E1238-6D5F-4AA5-8FE4-B818D0DBF6C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:network_operations_management:2018.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA8F1189-19DF-43EB-9B35-61720EE11357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:network_operations_management:2018.05:*:*:*:premium:*:*:*",
              "matchCriteriaId": "DF75B30C-1E8D-462E-A30A-9C17EF0B7CE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:operations_bridge:2017.11:*:*:*:premium:*:*:*",
              "matchCriteriaId": "34099595-3D44-4B10-AA42-5A6DC9B82F25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:operations_bridge:2018.02:*:*:*:premium:*:*:*",
              "matchCriteriaId": "2D4D7844-FA36-4C63-8AD6-C40F81134DBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:operations_bridge:2018.05:*:*:*:premium:*:*:*",
              "matchCriteriaId": "78756DED-D384-4F7F-99C3-6BC6293B1D28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:service_management_automation:2017.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "5166B660-88F2-437B-96DA-F7E44E6AE9A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:service_management_automation:2018.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DCFB2E7-D769-4365-9B99-952907563749",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:service_management_automation:2018.05:*:*:*:*:*:*:*",
              "matchCriteriaId": "3909E337-F1FC-45C8-A120-EEBDBFB0E4D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution."
    },
    {
      "lang": "es",
      "value": "Ejecuci\u00f3n remota de c\u00f3digo en los siguientes productos: Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05; Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05; Data Center Automation Containerized Suite 2017.01 hasta la versi\u00f3n 2018.05; Service Management Automation Suite 2017.11, 2018.02, 2018.05 y Network Operations Management (NOM) Suite CDF 2017.11, 2018.02 y 2018.05 permitir\u00e1 la ejecuci\u00f3n remota de c\u00f3digo."
    }
  ],
  "id": "CVE-2018-6498",
  "lastModified": "2024-11-21T04:10:46.813",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.3,
        "source": "security@opentext.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-08-30T21:29:00.267",
  "references": [
    {
      "source": "security@opentext.com",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
    },
    {
      "source": "security@opentext.com",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
    },
    {
      "source": "security@opentext.com",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
    },
    {
      "source": "security@opentext.com",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
    },
    {
      "source": "security@opentext.com",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236632"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236669"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236678"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03236725"
    }
  ],
  "sourceIdentifier": "security@opentext.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-6498 (GCVE-0-2018-6498)

CNVD-2018-17414

GHSA-F2FQ-RHR2-2J8M

GSD-2018-6498

FKIE_CVE-2018-6498

Tags

Sightings

Nomenclature