HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-38754

CVSS 8.0v3.1pub. 2022-12-08upd. 2024-11-21

A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
  • Microfocus Operations Bridge

    APP
    Microfocus
    < 2022.11
  • Microfocus Operations Bridge Manager

    APP
    Microfocus
    < 2022.11
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
ContainerXSS
CWE
References

Related vulnerabilities

CVE-2021-38125CRITICAL9.8ten sam produkt

Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021....

CVE-2021-22507CRITICAL9.8ten sam produkt

Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11...

CVE-2021-22504CRITICAL9.8ten sam produkt

Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10...

CVE-2020-11854CRITICAL9.8ten sam produkt

Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Oper...

CVE-2018-18590CRITICAL9.6ten sam produkt

A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Br...