Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is in the KEV database since Nov. 3, 2021.

Exploitation active

Automatable yes

Technical Impact partial

Affected Vendors & Products

Vendors Products
Microfocus
  • Access Manager

Configuration 1 [-]

cpe:2.3:a:microfocus:access_manager:*:*:*:*:*:*:*:*

No data.

References
Link Providers
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html cve-icon cve-icon
History

Thu, 06 Feb 2025 21:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2021-11-03'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: microfocus

Published:

Updated: 2025-02-06T20:54:25.068Z

Reserved: 2021-01-05T00:00:00.000Z

Link: CVE-2021-22506

cve-icon Vulnrichment

Updated: 2024-08-03T18:44:14.045Z

cve-icon NVD

Status : Modified

Published: 2021-03-26T14:15:11.967

Modified: 2025-02-06T21:15:16.713

Link: CVE-2021-22506

cve-icon Redhat

No data.