Arbitrary Code Execution Vulnerability in Micro Focus Application Performance Management
CVE-2021-22514

9.8CRITICAL

Key Information:

Vendor: Microfocus
Status: Application Performance Management (apm)
Vendor: CVE Published:; 28 April 2021

What is CVE-2021-22514?

A critical vulnerability in Micro Focus Application Performance Management allows remote attackers to execute arbitrary code on affected installations. This issue impacts versions 9.40, 9.50, and 9.51, posing a significant security risk. Organizations using these versions should take immediate action to assess their systems for potential exploitation and apply relevant patches.

Affected Version(s)

Application Performance Management (APM) Micro Focus Application Performance Management 9.40, 9.50 and 9.51

References

https://softwaresupport.softwaregrp.com/doc/KM03806649

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 28, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22514?

Affected Version(s)

References

CVSS V3.1

Timeline