Java Objects Deserialization & Cross-site Request forgery (CSRF) vulnerabilities has been identified in UCMDB Server, a component for CMS. This document provides required actions that must be performed to mitigate those vulnerability.
Java Objects Deserialization & Cross-site Request forgery (CSRF) vulnerabilities found with UD server and probe component.
ACTION: Review all details in instructions provided in this paper to address the vulnerability.
Micro Focus recommend addressing this information as soon as possible.
UCMDB 10.20; 10.21; 10.22
UCMDB 10.22 CUP7
UCMDB 10.30; 10.31; 10.32; 10.33
UCMDB 10.33 CUP2
CMS Server 2018.05
Software Entitlements Portal