XML External Entity Reference Vulnerability in OpenText Operations Bridge Manager
CVE-2021-22501

Currently unrated

Key Information:

Vendor: Opentext™
Status: Operations Bridge Manager
Vendor: CVE Published:; 19 December 2024

Summary

CVE-2021-22501 is a vulnerability affecting OpenText's Operations Bridge Manager, characterized by improper restriction of XML External Entity (XXE) references. This vulnerability allows attackers to manipulate input data, potentially leading to unauthorized access and exposure of sensitive information. The following versions of Operations Bridge Manager are affected: 2017.05, 2017.11, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, and 2020.10. Organizations using any of these versions should take immediate steps to patch and protect their systems to mitigate the risk of exploitation.

Affected Version(s)

Operations Bridge Manager 2017.05

Operations Bridge Manager 2017.11

Operations Bridge Manager 2018.05

References

https://portal.microfocus.com/s/article/KM000037407?langu...

Timeline

Vulnerability published
Dec 19, 2024
Vulnerability Reserved
Jan 5, 2021