Sensitive Information Exposure in Micro Focus Secure API Manager
CVE-2021-22516

7.5HIGH

Key Information:

Vendor: Microfocus
Status: Secure Api Manager (SAPim).
Vendor: CVE Published:; 4 June 2021

What is CVE-2021-22516?

The Micro Focus Secure API Manager is subject to a vulnerability that permits the unintentional logging of sensitive information. This security flaw occurs in version 2.0.0, where critical data could be inadvertently recorded, potentially exposing confidential information to unauthorized individuals. Organizations using this version should review their log management practices to mitigate risks associated with unintended data exposure.

Affected Version(s)

Secure API Manager (SAPIM). 2.0.0

References

https://www.microfocus.com/documentation/secure-api-manag...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 4, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22516?

Affected Version(s)

References

CVSS V3.1

Timeline