Security Update for CVE-2020-11844 affecting multiple Micro Focus Security Products

  • 7024637
  • 18-May-2020
  • 28-May-2020

Environment

Identity Intelligence 1.1.0 and 1.1.1 (as part of Identity Governance/Identity Manager)
ArcSight Investigate 2.4.0, 3.0.0 and 3.1.0
Transformation Hub 3.0.0, 3.1.0 and 3.2.0
ArcSight Interset 6.0.0
ArcSight ESM 7.2.1 (when ArcSight Fusion 1.0 is installed)

Situation

This article describes how to fix the security vulnerability CVE-2020-11844 in Micro Focus Security products.

A potential vulnerability has been identified in the Micro Focus Container Deployment Foundation (CDF) component that ships with ArcSight Investigate, Transformation Hub, ArcSight Interset, ArcSight ESM (as part of ArcSight Fusion), and Identity Intelligence. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation.


IMPORTANT:
You will need to re-apply this patch whenever you upgrade one of the affected Micro Focus products to another version that is listed as vulnerable.

Resolution

Installation instructions:

1. Copy the patch to the node where the product is running
     (in a multi-node cluster, the initial master node)

https://download.microfocus.com/Download?buildid=67fS6ctlne8~

Note: The instructions assume the file was copied to the directory /opt/download/

2. Verify the patch checksum against the published checksum

     cd /opt/download
     sha256sum CVE-2020-11844.zip

     Expected value: 1d04ad9c5b6c56b21c4c41384ddd85355c18999c3a0c36b5a8f4d8092c3f78dc

3. Extract the patch

     unzip CVE-2020-11844.zip

4. Follow the instructions from CVE-2020-11844/README.txt to continue with the installation
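
Added example (not part of the original article or the vendor's README): steps 2 and 3 as a script that compares the digest mechanically and refuses to extract the archive on a mismatch. The directory, file name and digest are the ones given above; the function names and the --install argument are hypothetical.

```shell
#!/bin/sh
# Added example (not from the vendor README): fail-closed checksum gate.
# Directory, file name and digest are the values given in this article.
PATCH_DIR=/opt/download
PATCH_ZIP=CVE-2020-11844.zip
EXPECTED_SHA256=1d04ad9c5b6c56b21c4c41384ddd85355c18999c3a0c36b5a8f4d8092c3f78dc

# verify_sha256 FILE DIGEST -> 0 match, 1 mismatch, 2 unusable input
# (hypothetical helper name)
verify_sha256() {
    file=$1
    # Normalise case so a digest pasted in upper case still compares equal.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    if [ ! -f "$file" ]; then
        echo "not found: $file" >&2
        return 2
    fi
    # Reject a truncated or mistyped digest instead of comparing against it.
    case $expected in
        *[!0-9a-f]*) echo "digest is not hex" >&2; return 2 ;;
    esac
    if [ "${#expected}" -ne 64 ]; then
        echo "digest is not 64 hex characters" >&2
        return 2
    fi
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" = "$expected" ]; then
        return 0
    fi
    echo "checksum mismatch for $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# install_patch: steps 2 and 3; extraction happens only after a match.
install_patch() {
    cd "$PATCH_DIR" || return 2
    verify_sha256 "$PATCH_ZIP" "$EXPECTED_SHA256" || return $?
    unzip "$PATCH_ZIP" || return 2
    echo "Checksum OK. Continue with CVE-2020-11844/README.txt"
}

# Run the steps only when --install is passed as the first argument.
if [ "${1:-}" = "--install" ]; then
    install_patch
fi
```

A non-zero exit status means the archive was not extracted: 1 for a digest mismatch, 2 for a missing file, malformed digest or failed extraction.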

Status

Security Alert