Micro.Focus.OBM.Remote.Code.Execution
Description
This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Micro Focus Operation Bridge Manager.
A remote, authenticated attacker can exploit this vulnerability by uploading an craft serialized java object to the vulnerable . Successful exploitation results in the execution of arbitrary code within the context of the application.
Affected Products
Micro Focus Operation Bridge Manager version 10.12 and prior
Micro Focus Operation Bridge Manager version 10.60 to version 10.63
Micro Focus Operation Bridge Manager 2017.11
Micro Focus Operation Bridge Manager 2018.02
Micro Focus Operation Bridge Manager 2018.05
Micro Focus Operation Bridge Manager 2018.08
Micro Focus Operation Bridge Manager 2018.11
Micro Focus Operation Bridge Manager 2019.05
Micro Focus Operation Bridge Manager 2019.08
Micro Focus Operation Bridge Manager 2019.11
Micro Focus Operation Bridge Manager 2020.05
Micro Focus Application Performance Management 9.40
Micro Focus Application Performance Management 9.50
Micro Focus Application Performance Management 9.51
Micro Focus Data Center Automation version 2019.11 and prior
Micro Focus Data Center Automation version 2020.02
Micro Focus Data Center Automation version 2020.05
Micro Focus Hybrid Cloud Management version 2018.05 to version 2020.05
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://softwaresupport.softwaregrp.com/doc/KM03747657
https://softwaresupport.softwaregrp.com/doc/KM03747658
https://softwaresupport.softwaregrp.com/doc/KM03747854
https://softwaresupport.softwaregrp.com/doc/KM03747948
https://softwaresupport.softwaregrp.com/doc/KM03747949
https://softwaresupport.softwaregrp.com/doc/KM03747950
https://softwaresupport.softwaregrp.com/doc/KM03749879
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-03-15 | 23.512 | Name:Microfocus. OBM. Remote. Code. Execution:Micro. Focus. OBM. Remote. Code. Execution |
2021-06-10 | 18.096 | Sig Added |
2021-02-25 | 17.023 |