module
Micro Focus Operations Bridge Manager Authenticated Remote Code Execution
| Disclosed |
|---|
| Oct 28, 2020 |
Disclosed
Oct 28, 2020
Description
This module exploits an authenticated Java deserialization that affects a truckload of Micro
Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation,
Universal CMDB, Hybrid Cloud Management and Service Management Automation. However this module
was only tested on Operations Bridge Manager.
Exploiting this vulnerability will result in remote code execution as the root user on Linux or
the SYSTEM user on Windows.
Authentication is required, the module user needs to login to the application and obtain the
authenticated LWSSO_COOKIE_KEY, which should be fed to the module. Any authenticated user can
exploit this vulnerability, even the lowest privileged ones.
For more information refer to the advisory link below.
Focus products: Operations Bridge Manager, Application Performance Management, Data Center Automation,
Universal CMDB, Hybrid Cloud Management and Service Management Automation. However this module
was only tested on Operations Bridge Manager.
Exploiting this vulnerability will result in remote code execution as the root user on Linux or
the SYSTEM user on Windows.
Authentication is required, the module user needs to login to the application and obtain the
authenticated LWSSO_COOKIE_KEY, which should be fed to the module. Any authenticated user can
exploit this vulnerability, even the lowest privileged ones.
For more information refer to the advisory link below.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.