CVE-2021-22500
MEDIUMMicro Focus Application Performance Management <9.51 - CSRF
Title source: llmDescription
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by attacker to trick the users into executing actions of the attacker's choosing.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://softwaresupport.softwaregrp.com/doc/KM03775253
Scores
CVSS v3
6.5
EPSS
0.0012
EPSS Percentile
30.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Details
CWE
CWE-352
Status
published
Products (3)
microfocus/application_performance_management
9.40
microfocus/application_performance_management
9.50
microfocus/application_performance_management
9.51
Published
Feb 06, 2021
Tracked Since
Feb 18, 2026