Vulnerabilites related to Micro Fosus - Identity Manager
CVE-2020-11849 (GCVE-0-2020-11849)
Vulnerability from cvelistv5
Published
2020-07-08 13:30
Modified
2024-09-17 01:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Elevation of privilege and/or unauthorized access
Summary
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Micro Fosus | Identity Manager |
Version: unspecified < Version: unspecified < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:41:59.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Identity Manager",
"vendor": "Micro Fosus",
"versions": [
{
"lessThanOrEqual": "4.7.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "4.8.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Mark van Reijn, of IDFocus."
}
],
"datePublic": "2020-07-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
],
"exploits": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege and/or unauthorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-01-06T16:15:30",
"orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"shortName": "microfocus"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"solutions": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@microfocus.com",
"DATE_PUBLIC": "2020-07-07T20:00:00.000Z",
"ID": "CVE-2020-11849",
"STATE": "PUBLIC",
"TITLE": "Elevation of privilege and unauthorized access in Micro Focus Identity Manager product"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Identity Manager",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "4.7.3"
},
{
"version_affected": "\u003c=",
"version_value": "4.8.1"
}
]
}
}
]
},
"vendor_name": "Micro Fosus"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Mark van Reijn, of IDFocus."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Elevation of privilege and/or unauthorized access"
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege and/or unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html"
},
{
"name": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html",
"refsource": "MISC",
"url": "https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "For version 4.7.3 https://www.netiq.com/documentation/identity-manager-47/releasenotes_idm4741_apps/data/releasenotes_idm4741_apps.html\nFor version 4.8.1 https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4811_apps/data/releasenotes_idm4811_apps.html"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
"assignerShortName": "microfocus",
"cveId": "CVE-2020-11849",
"datePublished": "2020-07-08T13:30:36.737561Z",
"dateReserved": "2020-04-16T00:00:00",
"dateUpdated": "2024-09-17T01:30:32.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}