CVE-2019-11663

MEDIUM

Micro Focus Service Manager <9.62 - Info Disclosure

Title source: llm

Description

Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.

References (1)

[Various Sources] https://softwaresupport.softwaregrp.com/doc/KM03518316

Scores

CVSS v3 6.5

EPSS 0.0010

EPSS Percentile 26.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-522 CWE-311

Status published

Affected Products (1)

microfocus/service_manager < 9.62

Timeline

Published Sep 18, 2019

Tracked Since Feb 18, 2026