Vulnerability Details : CVE-2019-11661
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.
Published
2019-09-18 22:15:11
Updated
2020-08-24 17:37:01
Vulnerability category: Bypass
Exploit prediction scoring system (EPSS) score for CVE-2019-11661
Probability of exploitation activity in the next 30 days: 0.08%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 33 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2019-11661
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
8.3
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
2.8
|
5.5
|
NIST |
References for CVE-2019-11661
-
https://softwaresupport.softwaregrp.com/doc/KM03518316
MySupport - Micro Focus Software SupportVendor Advisory
Products affected by CVE-2019-11661
- cpe:2.3:a:microfocus:service_manager:*:*:*:*:*:*:*:*