Solutions Business Manager (SBM) reflected cross site script issue in version prior to 11.5
CVE-2018-19644

5MEDIUM

Key Information:

Vendor

Micro Focus

Status
Solutions Business Manager (sbm)
Vendor
CVE Published:
27 March 2019

What is CVE-2018-19644?

Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

Affected Version(s)

Solutions Business Manager (SBM) < 11.5

References

http://help.serena.com/doc_center/sbm/ver11_5/sbm_release...
x_refsource_CONFIRM

CVSS V3.1

Score:
5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Special thanks goes to Alessio Sergi of Verizon Enterprise Solutions for responsibly disclosing this CVE.
.