CVE-2021-22506

Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
microfocusCNA
---
---
CVEADP
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
microfocusaccess_manager
𝑥
< 5.0
𝑥
= Vulnerable software versions
References
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html