CVE-2019-11658

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state.

Published: Aug 30, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-11658
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.3
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
microfocus / content_manager	9.1	9.1.x
microfocus / content_manager	9.2	9.2.x
microfocus / content_manager	9.3	9.3.x

https://softwaresupport.softwaregrp.com/doc/KM03496282

Vulnerability Database

289,697

CVE-2019-11658