CVE-2019-17085
MEDIUMMicro Focus Operations Agent 12.0-12.11 - XML External Entity Injection
Title source: llmDescription
XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/doc/KM03556426
Scores
CVSS v3
6.5
EPSS
0.0021
EPSS Percentile
42.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-611
Status
published
Products (9)
microfocus/operations_agent
12.0
microfocus/operations_agent
12.01
microfocus/operations_agent
12.02
microfocus/operations_agent
12.03
microfocus/operations_agent
12.04
microfocus/operations_agent
12.05
microfocus/operations_agent
12.06
microfocus/operations_agent
12.10
microfocus/operations_agent
12.11
Published
Nov 18, 2019
Tracked Since
Feb 18, 2026