CVE-2019-11653

Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user?s CheckIn request.

Published : 2019-08-07 17:15 Updated : 2019-10-10 12:09

5.5
CVSS Score More info
Score 5.5 / 10
5.5
Vendor Product Version URI
Microfocus Content Manager 9.1.0 cpe:/a:microfocus:content_manager:9.1.0:patch6_hotfix1
Microfocus Content Manager 9.1.0 cpe:/a:microfocus:content_manager:9.1.0:patch6_hotfix2
Microfocus Content Manager 9.1.0 cpe:/a:microfocus:content_manager:9.1.0:patch6_hotfix3
Microfocus Content Manager 9.1.0 cpe:/a:microfocus:content_manager:9.1.0:patch6_hotfix4
Microfocus Content Manager 9.1.0 cpe:/a:microfocus:content_manager:9.1.0:patch6_hotfix5
Microfocus Content Manager 9.2.0 cpe:/a:microfocus:content_manager:9.2.0:patch3_hotfix1
Microfocus Content Manager 9.3.0 cpe:/a:microfocus:content_manager:9.3.0:patch2_hotfix1
Microfocus Content Manager 9.3.0 cpe:/a:microfocus:content_manager:9.3.0:patch2_hotfix2
  1. Microfocus (1) Search CVE
    1. Content Manager (3) Search CVE
      1. 9.1.0
      2. 9.2.0
      3. 9.3.0

CWE

ID Name Description Links
CWE-284 Improper Access Control The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. CVE

History of changes

Date Event
2019-08-14 21:08
2019-08-08 21:15
2019-08-07 17:15

New CVE