MFSBGN03809 rev.1 - Universal CMDB, Deserialization Java Objects and CSRF

Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).

N/A

N/A

Micro Focus Universal Configuration Management Database Browser 跨站请求伪造漏洞

Micro Focus Universal Configuration Management Database（UCMDB）是英国Micro Focus公司的一套可存储、控制并管理软件和基础设施的组件及其相互关系的数据库软件。UCMDB Browser是其中的一个用于访问UCMDB数据的浏览器。 Micro Focus UCMBD Browser中存在跨站请求伪造漏洞。远程攻击者可利用该漏洞实施Java对象反序列化攻击并执行未授权的操作。以下版本受到影响：Micro Focus Universal Con

N/A

N/A