Vulnerabilities > Microfocus > Operations Bridge

DATE CVE VULNERABILITY TITLE RISK
2022-12-08 CVE-2022-38754 Cross-site Scripting vulnerability in Microfocus Operations Bridge and Operations Bridge Manager
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized.
network
low complexity
microfocus CWE-79
5.4
2022-04-11 CVE-2021-38125 Unspecified vulnerability in Microfocus Operations Bridge 2021.05/2021.08/2022.11
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08.
network
low complexity
microfocus
critical
9.8
2020-10-27 CVE-2020-11858 Unspecified vulnerability in Microfocus Operations Bridge and Operations Bridge Manager
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized).
local
low complexity
microfocus
7.8
2020-10-27 CVE-2020-11854 Use of Hard-coded Credentials vulnerability in Microfocus products
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management.
network
low complexity
microfocus CWE-798
critical
9.8
2018-11-07 CVE-2018-18590 Information Exposure vulnerability in Microfocus Operations Bridge
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08.
low complexity
microfocus CWE-200
8.8
2018-08-30 CVE-2018-6499 Code Injection vulnerability in Microfocus products
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.
network
low complexity
microfocus CWE-94
critical
9.8
2018-08-30 CVE-2018-6498 Code Injection vulnerability in Microfocus products
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.
network
low complexity
microfocus CWE-94
critical
9.8