CVE-2018-18589 MEDIUM

CVE-2018-18589: MFSBGN03827 rev.1 - Microfocus Real User Monitoring 9.4.0 BPRDownload Java Deserialization Vulnerability

Vendor Micro Focus

Product Microfocus Real User Monitoring

Published October 23, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

6.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

Description

A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code.

Key dates

Disclosure timeline

October 23, 2018 CVE published

September 16, 2024 Record updated