CVE-2021-22535

EUVD-2021-9677
Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
microfocusnetiq_directory_and_resource_administrator
𝑥
< 10.1.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.microfocus.com/kb/doc.php?id=7025273
https://support.microfocus.com/kb/doc.php?id=7025273