CVE-2021-22507Improper Authentication in Operations Bridge Manager

CWE-287Improper Authentication3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.8%
top 25.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microfocus Operations Bridge Manager
Timeline
PublishedApr 8
Latest updateMay 24

Description

Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5microfocus/operations_bridge_manager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-h497-xcf4-fjvf: Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 20192022-05-24
CVEList
CVE-2021-22507: Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 20192021-04-08
CVE-2021-22507 — Improper Authentication | cvebase