id: CVE-2020-11853 info: name: Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution author: dwisiswant0 severity: high description: | Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a valid application user. Originated from Metasploit module (#14654). reference: - http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html - https://softwaresupport.softwaregrp.com/doc/KM03747658 - https://softwaresupport.softwaregrp.com/doc/KM03747949 - https://softwaresupport.softwaregrp.com/doc/KM03747948 - https://nvd.nist.gov/vuln/detail/CVE-2020-11853 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-11853 epss-score: 0.94771 tags: opm,rce,packetstorm,cve,cve2020 metadata: max-request: 1 http: - method: GET path: - "{{BaseURL}}/ucmdb-api/connect" matchers-condition: and matchers: - type: status status: - 200 - type: word words: - "HttpUcmdbServiceProviderFactoryImpl" - "ServerVersion=11.6.0" part: body condition: and # Enhanced by mp on 2022/07/13