- Description
- An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.
- Source
- security@opentext.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C520D74-D011-4C1E-9429-BA0A38BC0D28"
},
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3938F6-E50A-480B-8219-0B210983525E"
},
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C419162B-A41C-49D0-9293-5F10B8A911EB"
}
],
"operator": "OR"
}
]
}
]