Sensitive Data Exposure in Micro Focus Service Manager Product
CVE-2019-11664

6.5MEDIUM

Key Information:

Vendor: Micro Focus
Status: Service Manager
Vendor: CVE Published:; 18 September 2019

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2019-11664?

The Micro Focus Service Manager product suffers from a vulnerability that allows sensitive information, such as passwords, to be transmitted in clear text within web browsers. This flaw impacts multiple versions, posing a risk of data exposure and potential misuse by unauthorised parties, which could lead to further security breaches.

Affected Version(s)

Service Manager 9.30

Service Manager 9.31

Service Manager 9.32

References

https://softwaresupport.softwaregrp.com/doc/KM03518316

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2019
Vulnerability Reserved
May 1, 2019