CVE-2021-22517

A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
VendorProductVersion
microfocusdata_protector
10.0
microfocusdata_protector
10.10
microfocusdata_protector
10.20
microfocusdata_protector
10.30
microfocusdata_protector
10.40
microfocusdata_protector
10.50
microfocusdata_protector
10.60
microfocusdata_protector
10.70
microfocusdata_protector
10.80
microfocusdata_protector
10.91
𝑥
= Vulnerable software versions
References
https://portal.microfocus.com/s/article/KM000001460
https://portal.microfocus.com/s/article/KM000001460