CVE-2018-18591
MEDIUMMicro Focus Service Manager 9.30-9.51 - Unauthorized Data Exposure
Title source: llmDescription
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176
Scores
CVSS v3
6.8
EPSS
0.0022
EPSS Percentile
43.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (10)
microfocus/service_manager
9.30
microfocus/service_manager
9.31
microfocus/service_manager
9.32
microfocus/service_manager
9.33
microfocus/service_manager
9.34
microfocus/service_manager
9.35
microfocus/service_manager
9.40
microfocus/service_manager
9.41
microfocus/service_manager
9.50
microfocus/service_manager
9.51
Published
Nov 13, 2018
Tracked Since
Feb 18, 2026