Remote Code Execution Vulnerability in Micro Focus Data Protector
CVE-2019-3476

9.8CRITICAL

Key Information:

Vendor: Microfocus
Status: Micro Focus Data Protector
Vendor: CVE Published:; 25 March 2019

What is CVE-2019-3476?

A remote code execution vulnerability exists in Micro Focus Data Protector version 10.03, which could enable an attacker to execute arbitrary code on the target system. This flaw can be exploited remotely, potentially allowing unauthorized access and control over sensitive data and operations. Organizations using affected versions are advised to apply the recommended updates and maintain best practices for securing their environments.

Affected Version(s)

Micro Focus Data Protector 10.03

References

https://softwaresupport.softwaregrp.com/doc/KM03337614

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2019
Vulnerability Reserved
Dec 31, 2018

Microfocus

What is CVE-2019-3476?

Affected Version(s)

References

CVSS V3.1

Timeline