CVE-2021-22514

An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
microfocusapplication_performance_management
9.40
microfocusapplication_performance_management
9.50
microfocusapplication_performance_management
9.51
𝑥
= Vulnerable software versions
References
https://softwaresupport.softwaregrp.com/doc/KM03806649
https://softwaresupport.softwaregrp.com/doc/KM03806649