Solutions Business Manager
CVE-2018-7682
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.
AnalysisAI
Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-532. Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. Affected products include: Microfocus Solutions Business Manager. Version information: prior to 11.4.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Solutions Business Manager
View allMicro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the
Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log f
Micro Focus Solution Business Manager versions prior to 11.4.2 is susceptible to open redirect. Rated medium severity (C
Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. Rated medium severity
Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favori
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today