.. / CVE-2020-11854

Exploit for Micro Focus UCMDB - Remote Code Execution (CVE-2020-11854)

Description:

Micro Focus UCMDB is susceptible to remote code execution. Impacted products include Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions, and Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.), and Application Performance Management versions 9,51, 9.50 and 9.40 with UCMDB 10.33 CUP 3.

Nuclei Template

View the template here CVE-2020-11854.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2020/CVE-2020-11854.yaml

References:

https://softwaresupport.softwaregrp.com/doc/KM03747854
http://packetstormsecurity.com/files/161182/Micro-Focus-UCMDB-Remote-Code-Execution.html
https://softwaresupport.softwaregrp.com/doc/KM03747657
https://softwaresupport.softwaregrp.com/doc/KM03747658
https://nvd.nist.gov/vuln/detail/CVE-2020-11854

.. / CVE-2020-11854 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Micro Focus UCMDB - Remote Code Execution (CVE-2020-11854)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2020-11854