Privilege Escalation Vulnerability in Micro Focus ZENworks Configuration Management
CVE-2021-22521

6.7MEDIUM

Key Information:

Vendor: Microfocus
Status: Zenworks Configuration Management
Vendor: CVE Published:; 30 July 2021

What is CVE-2021-22521?

A privilege escalation vulnerability has been detected in Micro Focus ZENworks Configuration Management, allowing attackers to gain unauthorized system privileges on affected installations. This flaw impacts version 2020 Update 1 and all earlier iterations of the product. Exploiting this vulnerability could enable unauthorized users to execute commands with elevated permissions, posing substantial risks to system integrity and security.

Affected Version(s)

ZENworks Configuration Management 2020 Update 1 and all prior versions

References

https://support.microfocus.com/kb/doc.php?id=7025205

x_refsource_MISC

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 30, 2021
Vulnerability Reserved
Jan 5, 2021

Microfocus

What is CVE-2021-22521?

Affected Version(s)

References

CVSS V3.1

Timeline