CVE-2021-22506

HIGH KEV

Micro Focus Access Manager <5.0 - Info Disclosure

Title source: llm

Description

Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage.

References (2)

[Release Notes] https://www.microfocus.com/documentation/access-manager/5.0/accessmanager50-release-notes/accessmanager50-release-notes.html

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-22506

Scores

CVSS v3 7.5

EPSS 0.1055

EPSS Percentile 93.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2021-11-03

VulnCheck KEV 2021-08-06

InTheWild.io 2021-06-06

ENISA EUVD EUVD-2021-9652

Status published

Products (1)

microfocus/access_manager < 5.0

Published Mar 26, 2021

KEV Added Nov 03, 2021

Tracked Since Feb 18, 2026