CVE-2021-22535

Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.9 MEDIUM
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
microfocusCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
microfocusnetiq_directory_and_resource_administrator
𝑥
< 10.1.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.microfocus.com/kb/doc.php?id=7025273
https://support.microfocus.com/kb/doc.php?id=7025273