CVE-2019-11646

HIGH

Micro Focus Service Manager <9.62 - RCE & Info Disclosure

Title source: llm

Description

Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information.

References (1)

Core 1

Core References

Various Sources x_refsource_misc

https://softwaresupport.softwaregrp.com/doc/KM03452977

Scores

CVSS v3 8.8

EPSS 0.0054

EPSS Percentile 67.7%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (13)

microfocus/service_manager 9.30

microfocus/service_manager 9.31

microfocus/service_manager 9.32

microfocus/service_manager 9.33

microfocus/service_manager 9.34

microfocus/service_manager 9.35

microfocus/service_manager 9.40

microfocus/service_manager 9.41

microfocus/service_manager 9.50

microfocus/service_manager 9.51

... and 3 more

Published Jun 03, 2019

Tracked Since Feb 18, 2026