← back
CVE-2019-11660

CVE-2019-11660

EPSS 7.8%
Vexday Risk Score
38Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 7.8%KEV nãoPoC públicaNuclei Metasploit simPatch
Lifecycle
13 Sep 2019Metasploit module available
13 Sep 2019Published on NVD
04 Nov 2019Public PoC
Weaponization speed
51 daysto first PoC
Recommendation: Plan a near-term fix — a public PoC already exists.
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.
Affected products
n/a · Data Protector
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.