CVE-2019-11651

Published Oct 2, 2019
Last updated a year ago
CVSS medium 6.1
Overview

Description: Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests.
Source: security@opentext.com
NVD status: Modified
Risk scores

CVSS 3.1

Type: Primary
Base score: 6.1
Impact score: 2.7
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Severity: MEDIUM
CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E520C725-28E7-447E-8D13-0FCA3E1102DB"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9737A07-8C0C-4498-B00D-C917D736CFA0"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A23DC4FD-C8D2-4FED-B7F2-4FB07E650D1F"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BE28ED29-373B-4815-9EB9-E70D4A9C893C"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0EA0405-8885-4C91-B804-1785627DDF61"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5ECD6117-C0B2-42C5-BB29-DB1BE50EF266"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_14:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "434720E2-A9BA-4DA6-9316-0C1737699461"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "274B0CF9-93C6-473A-895F-5DEB47E7A635"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DE0381D-F512-4194-9D34-076E87152AD5"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46806C31-4ED2-4C09-AB48-95DFD90A63B3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_18:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27026971-EDBB-4EE4-8D63-91889BEE2A31"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_19:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88A36343-FD91-4B64-BA8F-A7A8601C2578"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A4E526D3-3B1C-4313-A6AE-68BF877BB1C6"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "80C4E997-985E-418D-B332-128620D6399D"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16DB159A-B3BF-4F22-A7E5-798B2BE935BC"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "95EDC120-8237-4C15-AACD-82970717B7F1"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9D20037-A0AD-4122-AF97-474052DCA65F"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF3D08EE-845B-4952-8F61-41624A9A74B9"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6256ED5F-2BDF-45A3-BF38-FC5B725FE293"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:3.0:patch_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6E17A291-5BD3-4324-B0C2-4620AA1BE30A"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53034D98-15C1-4628-90E8-80A8BA25C800"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B80E468E-8BB3-44A6-B781-57238B9FECE6"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B717E3-AAAF-4F99-8672-382EBFADCC87"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F35F690-3FB2-45D6-9798-7CD66F7FE5C3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9B1A025-7452-4C8E-A4D0-B0B2E991C2AA"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DEAA49C-ED22-4257-AF66-561BD42BEECF"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9A893B7D-C8BA-4CDD-BA75-7A095C1F6803"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "932C078A-13F9-45F1-81D1-A0EB0BF40310"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25AB01B7-7264-4AEE-A4B6-895646C15FE8"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50BC7F2E-1A89-4273-BAAD-3F56F998E444"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06E684DE-4F56-4DB4-BBA6-8DCF7ECB8E74"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:4.0:patch_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B703A7A-1400-4362-9710-7038022BA539"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:5.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C73BDBE-2719-4020-B953-1580BB78CB0A"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_developer:5.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6AD863A-E5D2-4193-B72C-94B823EBA110"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "667C08F5-8465-4458-94E9-E31324CBC712"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90E753B3-48E5-4B3D-B34D-4326E3125757"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A75250AB-2777-4107-B967-CD469E2BF322"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40ACBEFB-0D47-4650-9D4B-080DFA4C3E88"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5D82D15-2486-4187-9B10-57FD503E70A7"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A927325F-31C7-4298-B66B-555AA9F1C7EC"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_14:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08026E77-2632-48E7-B9BF-4DDEFF6622E3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ABD5A657-2A33-414F-AE89-152246789302"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_16:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C1AE2401-8A20-46A4-88FD-3643F29B6DC3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92560793-428E-4F9A-98CA-CFAAC64B5D1A"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_18:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CF4D68C-155D-4552-9CB5-736BD68CCB23"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_19:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2726E17-7AA5-442C-931C-8440FFC6C164"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE22919D-02DF-4262-817E-3200A1A08BFB"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC98A2D0-C3E6-4742-881A-C5C52896BC5F"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C880850-CA2D-4240-ACD9-C59A91EA78AF"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DF51F29-C0A3-453A-9170-1FD2756CE2FD"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE4594B7-8798-4714-B543-75192EAF1378"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2594DF03-450C-4A92-8FBB-F6BF4D182D36"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "825A5264-A8D2-4494-A851-C01CC83BFE94"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:3.0:patch_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10F3523F-1AAA-411C-9E57-B2734D5AEBD4"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8F59F96-F1CD-4750-94AE-FF80EAA5C461"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE30DDDB-9362-4122-B3AB-0231E3E0EEFA"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A155B98E-A0A8-4297-9EAC-67D8C51991F6"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D00EC75-5267-4FD4-BA3D-196F0D41F3E6"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A64FAB0-BECF-4E88-B137-F18EE13F5DDD"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B89CFB2-B9F1-468C-BED2-3B676834C6E8"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6C6F7E3B-B3C4-4EF6-BEF7-3798CC373195"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2199AF29-FB62-4A80-83D9-9C7267CE8ED3"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "390B3CF7-F004-4889-88D2-0F537E10429C"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DB67225-D7D5-49F6-AA6C-1DFC5EEEC665"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "542F1504-A7C6-4E01-9A08-0905BD706596"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:4.0:patch_9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B2B4901-D5EB-43C1-90DC-02735283FA5E"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:5.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "600A95A6-A1F6-45F1-8856-FB1968E084ED"
          },
          {
            "criteria": "cpe:2.3:a:microfocus:enterprise_server:5.0:patch_1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "54E0EEC2-C4F3-4C79-A587-C72BC6231C27"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
