← Back to CVEs
CVE-2021-22506
HIGHCISA KEV7.5
Description
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.
CVE Details
CVSS v3.1 Score7.5
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/26/2021
Last Modified10/27/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorMicro Focus
ProductMicro Focus Access Manager
Vulnerability NameMicro Focus Access Manager Information Leakage Vulnerability
KEV Date Added2021-11-03
Remediation Due Date2021-11-17
Ransomware UseUnknown
Affected Products
microfocus:access_manager
References
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html(security@opentext.com)
https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22506(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.