cbcvebase.
CVE-2021-22504
published 2021-02-12

CVE-2021-22504: Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11…

PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
3.34%
87.1th percentile
Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.

Affected

13 ranges
VendorProductVersion rangeFixed in
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager
microfocusoperations_bridge_manager

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.