MFSBGN03806 rev.1 - HP Network Automation Software, Network Operations Management (NOM) Suite, Multiple Vulnerabilities
CVE-2018-6492

4.7MEDIUM

Key Information:

Vendor: Micro Focus
Status: Network Operations Management Ultimate; Network Automation
Vendor: CVE Published:; 9 May 2018

🔔 Create Micro Focus Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2018-6492?

Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Network Automation 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50

Network Operations Management Ultimate 2017.07, 2017.11, 2018.02

References

https://softwaresupport.softwaregrp.com/document/-/facets...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1040900

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/104131

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

👾
Exploit known to exist
Aug 5, 2024
Vulnerability published
May 9, 2018
Vulnerability Reserved
Feb 1, 2018

Credit

Micro Focus would like to thank Tilman Bender, Dennis Herrmann and Bastian Kanbach of Context Information Security GmbH for reporting this issue to cyber-psrt@microfocus.com.

JSON

Micro Focus