CVE-2019-11646

HIGH

Micro Focus Service Manager <9.62 - RCE & Info Disclosure

Title source: llm
STIX 2.1

Description

Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information.

References (1)

Core 1
Core References

Scores

CVSS v3 8.8
EPSS 0.0251
EPSS Percentile 83.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (13)
microfocus/service_manager 9.30
microfocus/service_manager 9.31
microfocus/service_manager 9.32
microfocus/service_manager 9.33
microfocus/service_manager 9.34
microfocus/service_manager 9.35
microfocus/service_manager 9.40
microfocus/service_manager 9.41
microfocus/service_manager 9.50
microfocus/service_manager 9.51
... and 3 more
Published Jun 03, 2019
Tracked Since Feb 18, 2026