Privilege Escalation Vulnerability in Micro Focus Operations Agent
CVE-2021-22505

9.8CRITICAL

Key Information:

Vendor: Microfocus
Status: Operations Agent
Vendor: CVE Published:; 13 April 2021

What is CVE-2021-22505?

A privilege escalation vulnerability exists in Micro Focus Operations Agent that allows an unauthorized user to gain elevated permissions. Exploiting this vulnerability could enable an attacker to execute arbitrary code under the context of the Operations Agent account, potentially leading to unauthorized access to sensitive information and control over the affected systems. This issue affects specific versions of the product and requires prompt attention to mitigate potential risks.

Affected Version(s)

Operations Agent 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15.

References

https://softwaresupport.softwaregrp.com/doc/KM03792442

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22505?

Affected Version(s)

References

CVSS V3.1

Timeline