Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-3493


A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. The vulnerability could be remotely exploited to Remote Code Execution.


Published

2019-04-29T16:29:00.733

Last Modified

2024-11-21T04:42:08.050

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 8.8 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
Exploitability Score

8.0

Impact Score

6.4

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application microfocus network_automation 9.20 Yes
Application microfocus network_automation 9.21 Yes
Application microfocus network_automation 10.00 Yes
Application microfocus network_automation 10.10 Yes
Application microfocus network_automation 10.20 Yes
Application microfocus network_automation 10.40 Yes
Application microfocus network_automation 10.50 Yes
Application microfocus network_automation 2018.05 Yes
Application microfocus network_automation 2018.08 Yes
Application microfocus network_automation 2018.11 Yes
Application microfocus network_operations_management * Yes

References