CVE-2018-6495: MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-6495

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

MFSBGN03808 rev.1 - Micro Focus UCMDB, Cross-Site Scripting

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Micro Focus Universal CMDB、CMS和UCMDB Browser 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Micro Focus Universal CMDB、CMS和UCMDB Browser都是英国Micro Focus公司的产品。Micro Focus Universal CMDB是一套资源管理解决方案；CMS是一套CMDB的配置管理系统；UCMDB Browser一款轻量级的基于Web用于访问UCMDB（通用管理配置数据库）数据的客户端。 Micro Focus Universal CMDB、CMS和UCMDB Browser中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意的Web脚本或HTML。以

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Micro Focus	UCMDB	10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0	-
Micro Focus	CMS Server 2018.05	4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1	-
Micro Focus	UCMDB Browser	4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1	-

II. Public POCs for CVE-2018-6495

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-6495

Please Login to view more intelligence information

https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03164778x_refsource_CONFIRM
http://www.securitytracker.com/id/1040970vdb-entryx_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2018-6495

IV. Related Vulnerabilities

Same product: UCMDB

Same vendor: Micro Focus

V. Comments for CVE-2018-6495

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2018-6495

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-6495

III. Intelligence Information for CVE-2018-6495

IV. Related Vulnerabilities

V. Comments for CVE-2018-6495

Leave a comment