CVE-2021-22514
Published Apr 28, 2021
Last updated a year ago
Overview
- Description
- An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM.
- Source
- security@opentext.com
- NVD status
- Modified
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3C520D74-D011-4C1E-9429-BA0A38BC0D28"
},
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.50:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E3938F6-E50A-480B-8219-0B210983525E"
},
{
"criteria": "cpe:2.3:a:microfocus:application_performance_management:9.51:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C419162B-A41C-49D0-9293-5F10B8A911EB"
}
],
"operator": "OR"
}
]
}
]