Vulnerabilities > CVE-2020-11849 - Unspecified vulnerability in Microfocus Identity Manager

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

microfocus

critical

NVD

Published: 2020-07-08

Updated: 2023-11-07

Summary

Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.

Vulnerable Configurations

Part	Description	Count
Application	Microfocus Microfocus Identity Manager 4.8.1 Microfocus Identity Manager 4.7.4 Microfocus Identity Manager 2.7.7.7 Microfocus Identity Manager 4.0.1 Microfocus Identity Manager 4.0.2 Microfocus Identity Manager 4.0.2.0 Microfocus Identity Manager 4.5 Microfocus Identity Manager 4.5.2 Microfocus Identity Manager 4.5.3 Microfocus Identity Manager 4.5.4 Microfocus Identity Manager 4.5.6.1 Microfocus Identity Manager 4.6 Microfocus Identity Manager 4.6.1 Microfocus Identity Manager 4.7 Microfocus Identity Manager 4.7.1 Microfocus Identity Manager 4.7.2	16

Summary

Vulnerable Configurations

References