CVE-2018-7683 - Vulnerability Details

Vendors	Products
Microfocus	Solutions Business Manager

Link	Providers
http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Solutions Business Manager 11.4", "vendor": "Micro Focus", "versions": [{"status": "affected", "version": "Solutions Business Manager versions prior to 11.4"}]}], "datePublic": "2018-06-20T00:00:00", "descriptions": [{"lang": "en", "value": "Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files."}], "problemTypes": [{"descriptions": [{"description": "Information Disclosure", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-01-06T16:15:37", "orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "microfocus"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@microfocus.com", "DATE_PUBLIC": "2018-06-20T00:00:00", "ID": "CVE-2018-7683", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Solutions Business Manager 11.4", "version": {"version_data": [{"version_value": "Solutions Business Manager versions prior to 11.4"}]}}]}, "vendor_name": "Micro Focus"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Disclosure"}]}]}, "references": {"reference_data": [{"name": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm", "refsource": "CONFIRM", "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:31:05.247Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm"}]}]}, "cveMetadata": {"assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "assignerShortName": "microfocus", "cveId": "CVE-2018-7683", "datePublished": "2018-06-21T19:00:00Z", "dateReserved": "2018-03-05T00:00:00", "dateUpdated": "2024-09-17T01:30:46.785Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Solutions Business Manager 11.4 (string)

vendor : Micro Focus (string)

versions : [ »

0 : { »

status : affected (string)

version : Solutions Business Manager versions prior to 11.4 (string)

}

]

}

]

datePublic : 2018-06-20T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : Information Disclosure (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-01-06T16:15:37 (string)

orgId : f81092c5-7f14-476d-80dc-24857f90be84 (string)

shortName : microfocus (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@microfocus.com (string)

DATE_PUBLIC : 2018-06-20T00:00:00 (string)

ID : CVE-2018-7683 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Solutions Business Manager 11.4 (string)

version : { »

version_data : [ »

0 : { »

version_value : Solutions Business Manager versions prior to 11.4 (string)

}

]

}

]

}

vendor_name : Micro Focus (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : Information Disclosure (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

refsource : CONFIRM (string)

url : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-05T06:31:05.247Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : f81092c5-7f14-476d-80dc-24857f90be84 (string)

assignerShortName : microfocus (string)

cveId : CVE-2018-7683 (string)

datePublished : 2018-06-21T19:00:00Z (string)

dateReserved : 2018-03-05T00:00:00 (string)

dateUpdated : 2024-09-17T01:30:46.785Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microfocus:solutions_business_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "42B99FDC-F4A0-44C5-B2F6-2908E3D48628", "versionEndExcluding": "11.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files."}, {"lang": "es", "value": "Micro Focus Solutions Business Manager en versiones anteriores a la 11.4 podr\u00eda revelar cierta informaci\u00f3n sensible en los archivos de registro del servidor."}], "id": "CVE-2018-7683", "lastModified": "2024-11-21T04:12:32.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-06-21T19:29:00.447", "references": [{"source": "security@opentext.com", "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:microfocus:solutions_business_manager:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 42B99FDC-F4A0-44C5-B2F6-2908E3D48628 (string)

versionEndExcluding : 11.4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. (string)

}

1 : { »

lang : es (string)

value : Micro Focus Solutions Business Manager en versiones anteriores a la 11.4 podría revelar cierta información sensible en los archivos de registro del servidor. (string)

}

]

id : CVE-2018-7683 (string)

lastModified : 2024-11-21T04:12:32.020 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : true (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2018-06-21T19:29:00.447 (string)

references : [ »

0 : { »

source : security@opentext.com (string)

url : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://help.serena.com/doc_center/sbm/ver11_4/sbm_release_notes.htm (string)

}

]

sourceIdentifier : security@opentext.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-532 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object