Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrofocus Operation Bridge Reporter
APPMicrofocus10.40
CISA KEV — detailsi
- Vendori
- Micro Focus
- Producti
- Operation Bridge Reporter (OBR)
- Added to KEVi
- November 3, 2021
- Remediation deadline (US Federal)i
- November 17, 2021(overdue)
Apply updates per vendor instructions.
Micro Focus Operation Bridge Report (OBR) contains an unspecified vulnerability that allows for remote code execution.
Related vulnerabilities
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and e...
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and ea...
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and ea...
User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COB...
Potential XML External Entity Injection in ArcSight Logger versions prior to 7.3.0.