virus logo Intrusion Prevention

Micro.Focus.Secure.Messaging.Gateway.Remote.Code.Execution

description-logoDescription

This indicates an attack attempt to exploit a Remote Code Execution Vulnerability in Micro Focus Secure Messaging Gateway.
The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted HTTP request. An attacker can exploit this to overwrite and execute arbitrary code on the affected machine via a crafted HTTP request.

affected-products-logoAffected Products

Micro Focus Secure Messaging Gateway version 470 and prior

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://support.microfocus.com/kb/doc.php?id=7023132
https://support.microfocus.com/kb/doc.php?id=7023133

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-11-22 15.729 Name:MicroFocus.
Secure.
Messaging.
Gateway.
Remote.
Code.
Execution:Micro.
Focus.
Secure.
Messaging.
Gateway.
Remote.
Code.
Execution
2018-09-26 13.458 Default_action:pass:drop

References

7023133 7023132
ID 46511
Created Aug 08, 2018
Updated Nov 21, 2019
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2018-12464 CVE-2018-12465
Exploit Prediction Score 10.97%
Default Action drop
Active
Affected OS Linux
Affected App Other