Insecure Deserialization Vulnerability in Micro Focus Service Manager
CVE-2019-11666

8.8HIGH

Key Information:

Vendor: Micro Focus
Status: Service Manager
Vendor: CVE Published:; 17 September 2019

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2019-11666?

Micro Focus Service Manager is susceptible to a vulnerability that allows for the insecure deserialization of untrusted data in several versions of the software. This flaw could potentially be exploited by malicious actors to manipulate the application's data handling, leading to unauthorized access or other harmful effects. The vulnerability affects multiple versions from 9.30 to 9.62, highlighting the importance of updating and securing Service Manager installations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Service Manager 9.30

Service Manager 9.31

Service Manager 9.32

References

https://softwaresupport.softwaregrp.com/doc/KM03518316

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 17, 2019
Vulnerability Reserved
May 1, 2019

JSON

Micro Focus

What is CVE-2019-11666?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.