CVE-2018-18591

A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
microfocusCNA
6.8 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
microfocusservice_manager
9.30
microfocusservice_manager
9.31
microfocusservice_manager
9.32
microfocusservice_manager
9.33
microfocusservice_manager
9.34
microfocusservice_manager
9.35
microfocusservice_manager
9.40
microfocusservice_manager
9.41
microfocusservice_manager
9.50
microfocusservice_manager
9.51
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176