CVE-2018-18589
MEDIUMMicro Focus Real User Monitoring 9.26IP, 9.30, 9.40, 9.50 - Remote Code Execution via Untrusted Data Deserialization
Title source: llmDescription
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03272900
Scores
CVSS v3
6.3
EPSS
0.0139
EPSS Percentile
80.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-502
Status
published
Products (4)
microfocus/real_user_monitoring
9.26ip
microfocus/real_user_monitoring
9.30
microfocus/real_user_monitoring
9.40
microfocus/real_user_monitoring
9.50
Published
Oct 23, 2018
Tracked Since
Feb 18, 2026