Remote Access Control Bypass in Micro Focus Content Manager
CVE-2019-11653

5.4MEDIUM

Key Information:

Vendor: Micro Focus
Status: Content Manager
Vendor: CVE Published:; 7 August 2019

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2019-11653?

The vulnerability allows unauthorized manipulation of data during another user's CheckIn request in Micro Focus Content Manager. This flaw affects versions 9.1, 9.2, and 9.3, creating a significant risk if exploited. Attackers may gain unauthorized access to modify sensitive information stored within the application, compromising data integrity and user trust. This highlights the need for timely updates and security assessments to safeguard against potential exploitation.

Affected Version(s)

Content Manager 9.1

Content Manager 9.2

Content Manager 9.3

References

https://softwaresupport.softwaregrp.com/doc/KM03489552

x_refsource_CONFIRM

https://ashsecurity.wordpress.com/2019/07/09/cm-cve/

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 7, 2019
Vulnerability Reserved
May 1, 2019