Data Modification Vulnerability in Micro Focus Service Manager
CVE-2019-11669

7.5HIGH

Key Information:

Vendor: Micro Focus
Status: Service Manager
Vendor: CVE Published:; 10 September 2019

🔔 Create Micro Focus Vulnerability Alert

What is CVE-2019-11669?

The vulnerability in Micro Focus Service Manager arises from a flaw in the implementation of a read-only checkbox feature. This flaw allows unauthorized users to modify data that should be immutable. Affected versions 9.60p1, 9.61, and 9.62 are particularly susceptible to this risk, which can lead to unintended changes in critical data, presenting a significant security challenge for organizations relying on this software.

Affected Version(s)

Service Manager 9.60p1

Service Manager 9.61

Service Manager 9.62

References

https://softwaresupport.softwaregrp.com/doc/KM03517334

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 10, 2019
Vulnerability Reserved
May 1, 2019