MFSBGN03803 rev.1 - UCMDB, Installation File Access Control Privilege Escalation Vulnerability
Description
Local privilege escalation vulnerability in Micro Focus Universal CMDB versions 10.20-11.00 allows attackers to gain elevated privileges.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Local privilege escalation vulnerability in Micro Focus Universal CMDB versions 10.20-11.00 allows attackers to gain elevated privileges.
Vulnerability
A local escalation of privilege vulnerability exists in Micro Focus Universal CMDB (UCMDB) versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, and 11.00 [1]. The issue is related to file access control during installation, which can be exploited [1].
Exploitation
An attacker with local access or the ability to remotely trigger installation file manipulation can exploit this vulnerability [1]. The specific attack vector involves modifying installation files to achieve privilege escalation.
Impact
Successful exploitation allows an attacker to escalate privileges locally, potentially gaining administrative rights on the affected system [1].
Mitigation
Micro Fixed issued a security bulletin (Document ID: KM03141180) addressing this vulnerability [1]. Users should apply the recommended updates or mitigations provided by the vendor. No specific patch version was disclosed at the time of publication.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00
- Micro Focus/Universal CMDBv5Range: 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2- www.securitytracker.com/id/1040680mitrevdb-entryx_refsource_SECTRACK
- softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03141180mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.