CVE-2020-11857
CVE-2020-11857
Vexday Risk Score
23Low
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Automatable exploit available (Nuclei/Metasploit).
CVSS —EPSS 15.8%KEV nãoPoC —Nuclei —Metasploit simPatch —
Lifecycle
21 Sep 2020Metasploit module available
22 Sep 2020Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. The vulnerability could allow remote attackers to access the OBR host as a non-admin user
Affected products
n/a · Operation Bridge Reporter.