Authentication Bypass Vulnerability in Micro Focus Access Manager
CVE-2021-22496

7.5HIGH

Key Information:

Vendor: Microfocus
Status: Access Manager
Vendor: CVE Published:; 25 March 2021

What is CVE-2021-22496?

An authentication bypass vulnerability exists in Micro Focus Access Manager that affects all versions prior to 4.5.3.3. This security flaw could lead to unauthorized access and potential information leakage, compromising the integrity and confidentiality of sensitive data. It is crucial for organizations using affected versions to implement necessary patches to mitigate risks associated with this vulnerability.

Affected Version(s)

Access Manager Access Manager versions prior to 4.5.3.3

References

https://www.netiq.com/documentation/access-manager-45-app...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22496?

Affected Version(s)

References

CVSS V3.1

Timeline