← back
CVE-2020-11857

CVE-2020-11857

EPSS 15.8%
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS EPSS 15.8%KEV nãoPoC Nuclei Metasploit simPatch
Lifecycle
21 Sep 2020Metasploit module available
22 Sep 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user