'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app: micro_focus_ucmdb_uauth_rce_vul(Rule ID:1070210155)

Release Date2025/9/15

Rule NameCVE-2020-11854: Micro Focus UCMDB Unauthenticated Remote Code Execution Vulnerability

Severity:critical

CVE IDCVE-2020-11854

 

Descripiton

Micro Focus Operation Bridge Manager is an enterprise-level monitoring software of British Micro Focus company. The software uses HTML5 to visually summarize the service operation status. Multiple versions of Micro Focus Operation Bridge Manager have code injection vulnerabilities. This vulnerability could allow remote attackers to execute arbitrary code. The affected versions are as follows: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.6x and 10.1x and previous versions. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.