CVE-2021-22514

EUVD-2021-9656
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
Affected Products (NVD)
VendorProductVersion
microfocusapplication_performance_management
9.40
microfocusapplication_performance_management
9.50
microfocusapplication_performance_management
9.51
𝑥
= Vulnerable software versions
References
https://softwaresupport.softwaregrp.com/doc/KM03806649
https://softwaresupport.softwaregrp.com/doc/KM03806649