.. / CVE-2020-11853

Exploit for Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution (CVE-2020-11853)

Description:

Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a valid application user. Originated from Metasploit module (#14654).

Nuclei Template

View the template here CVE-2020-11853.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-11853.yaml

References:

https://softwaresupport.softwaregrp.com/doc/KM03747948
http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html
https://softwaresupport.softwaregrp.com/doc/KM03747658
https://nvd.nist.gov/vuln/detail/CVE-2020-11853
https://softwaresupport.softwaregrp.com/doc/KM03747949

.. / CVE-2020-11853 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution (CVE-2020-11853)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-11853