NVD - CVE-2020-11844

Vulnerability Change Records for CVE-2020-11844

Change History

CVE Modified by SUSE 6/15/2020 8:15:11 PM

Action	Type	Old Value	New Value
Added	CVSS V3.1		SUSE AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Added	CWE		SUSE CWE-863
Changed	Description	There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.	Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.
Added	Reference		https://softwaresupport.softwaregrp.com/doc/KM03645628 [No Types Assigned]
Added	Reference		https://softwaresupport.softwaregrp.com/doc/KM03645629 [No Types Assigned]
Added	Reference		https://softwaresupport.softwaregrp.com/doc/KM03645630 [No Types Assigned]
Added	Reference		https://softwaresupport.softwaregrp.com/doc/KM03645636 [No Types Assigned]
Added	Reference		https://softwaresupport.softwaregrp.com/doc/KM03645642 [No Types Assigned]
Added	Reference		https://support.microfocus.com/kb/doc.php?id=7024637 [No Types Assigned]