Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-18589

A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code.

Published

2018-10-23T17:29:00.267

Last Modified

2024-11-21T03:56:12.930

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 6.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    CWE-502
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microfocus real_user_monitoring 9.26ip Yes
Application microfocus real_user_monitoring 9.30 Yes
Application microfocus real_user_monitoring 9.40 Yes
Application microfocus real_user_monitoring 9.50 Yes
References