CVE-2021-22506
published 2021-03-26

Priority: P1 (80, high)
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
KEV / ITW: CISA Known Exploited Vulnerability, due 2021-11-17; exploited in the wild
EPSS: 25.70% (97.7th percentile)
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.

Affected (1 range)

Vendor: microfocus
Product: access_manager
Version range: < 5.0
Fixed in: 5.0

Detection & IOCs (extracted from sources)

  • Vulnerability involves a SAML service provider redirection issue — monitor for anomalous or unexpected Assertion Consumer Service (ACS) URL values in SAML authentication requests, particularly those redirecting to external or unregistered endpoints.
  • Audit and monitor Micro Focus Access Manager advance configuration endpoints for unauthorized access or unexpected information disclosure responses.
  • All versions of Micro Focus Access Manager prior to version 5.0 are affected; upgrade to 5.0 or later per vendor instructions.
  • The vulnerability is triggered via the Assertion Consumer Service URL in SAML SP flows — review and restrict ACS URL configurations to only trusted, registered endpoints.

CVSS provenance

nvd, v3.1: 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd, v2.0: 5.0 MEDIUM, AV:N/AC:L/Au:N/C:P/I:N/A:N
vulncheck: 7.5 HIGH
cisa: 7.5 HIGH