Full Baslik: Micro Focus Operations Bridge Manager Local Privilege Escalation Exploit 
Kategori: local exploits
Platform: windows
This Metasploit module exploits an insecure permission vulnerability on a folder in Micro Focus Operations Bridge Manager. An unprivileged user (such as Guest) can drop a JSP file in an exploded WAR directory and then access it without authentication by making a request to the OBM server. This will result in automatic code execution as SYSTEM. This module has been tested on OBM 2020.05, but it should work out of the box on earlier versions too.

# 0day.today @ http://0day.today/