9.8
CVE-2021-22507
- EPSS 0.85%
- Veröffentlicht 08.04.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:50:14
- Quelle security@opentext.com
- Teams Watchlist Login
- Unerledigt Login
Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microfocus ≫ Operations Bridge Manager Version2019.05
Microfocus ≫ Operations Bridge Manager Version2019.11
Microfocus ≫ Operations Bridge Manager Version2020.05
Microfocus ≫ Operations Bridge Manager Version2020.10
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.85% | 0.728 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.