CVE-2020-11844— Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.

Incorrect Authorization vulnerability in the Micro Focus Container Deployment Foundation affecting multiple products.

Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

授权机制不正确

多款Micro Focus产品Container Deployment Foundation组件安全漏洞

Micro Focus Network Operations Management（NOM）等都是英国Micro Focus公司的产品。Micro Focus Network Operations Management是一套网络运营管理软件。Micro Focus Service Management Automation（SMA）是一套信息技术服务管理软件解决方案。ArcSight Enterprise Security Manager是一套具有事件关联和安全分析功能的企业安全管理软件。 Micro F

N/A

N/A