CVE-2018-6491

EUVD-2018-18247
Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. The vulnerability could be remotely exploited to Local Escalation of Privilege.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
microfocusCNA
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
Affected Products (NVD)
VendorProductVersion
microfocusucmdb_configuration_manager
10.20
microfocusucmdb_configuration_manager
10.21
microfocusucmdb_configuration_manager
10.22
microfocusucmdb_configuration_manager
10.30
microfocusucmdb_configuration_manager
10.31
microfocusucmdb_configuration_manager
10.32
microfocusucmdb_configuration_manager
10.33
microfocusucmdb_configuration_manager
11.00
𝑥
= Vulnerable software versions
References
http://www.securitytracker.com/id/1040680
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03141180
http://www.securitytracker.com/id/1040680
https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03141180