CVE-2022-38754

CVSS V2 None CVSS V3 None
Description
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The vulnerability is only applicable if the Operations Bridge Manager capability is deployed. A potential vulnerability has been identified in Micro Focus Operations Bridge Manager (OBM). The vulnerability could be exploited by a malicious authenticated OBM user to run Java Scripts in the browser context of another OBM user. This issue affects: Micro Focus Micro Focus Operations Bridge Manager versions prior to 2022.11. Micro Focus Micro Focus Operations Bridge- Containerized versions prior to 2022.11.
Overview
  • CVE ID
  • CVE-2022-38754
  • Assigner
  • security@microfocus.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-08T16:15:11
  • Last Modified Date
  • 2022-12-12T15:34:03
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:microfocus:operations_bridge:*:*:*:*:*:*:*:* 1 OR 2022.11
cpe:2.3:a:microfocus:operations_bridge_manager:*:*:*:*:*:*:*:* 1 OR 2022.11
History
Created Old Value New Value Data Type Notes
2022-12-08 17:16:12 Added to TrackCVE
2022-12-12 12:24:07 2022-12-08T16:15:11.717 2022-12-08T16:15:11 CVE Published Date updated
2022-12-12 12:24:07 2022-12-08T16:29:05 CVE Modified Date updated
2022-12-12 12:24:07 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-12 16:15:58 2022-12-12T15:34:03 CVE Modified Date updated
2022-12-12 16:15:58 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-12 16:15:58 CWE-79 Weakness Enumeration new
2022-12-12 16:15:59 CPE Information updated