Versio.io

CVE-2021-22531

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 12-05-2022 09:15
Last modified: - 23-05-2022 08:31
Total changes: - 2

Description

A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Low
Attack complexity
Network
Attack vector
None
Availability
Low
Confidentiality
Low
Integrity
None
Privileges required
Changed
Scope
Required
User interaction
6.1
Base score
2.8
2.7
Exploitability score
Impact score
 

Verification logic

OR
vendor=microfocus AND product=access_manager AND version=4.5 AND update=hotfix1
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp1
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp1_hotfix1
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp1_hotfix2
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp2
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp2_hotfix1
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp2_hotfix2
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp3
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp3_hotfix1
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp3_patch3
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp4
vendor=microfocus AND product=access_manager AND version=4.5 AND update=sp5
vendor=microfocus AND product=access_manager AND version=4.5 AND update=-
vendor=microfocus AND product=access_manager AND version=5.0 AND update=-
vendor=microfocus AND product=access_manager AND version=5.0 AND update=sp1
 

Reference

 


Keywords

NVD

 

CVE-2021-22531

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.