CVE-2021-22498

🗓️ 19 Jan 2021 15:56:44Reported by microfocusType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 56 Views

CVE-2021-22498 XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Managemen

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2021-22498	19 Jan 202118:56	–	circl
CNNVD	Micro Focus Application Lifecycle Management Code Issue Vulnerability	19 Jan 202100:00	–	cnnvd
Cvelist	CVE-2021-22498	19 Jan 202115:56	–	cvelist
EUVD	EUVD-2021-9644	3 Oct 202520:07	–	euvd
NVD	CVE-2021-22498	19 Jan 202116:15	–	nvd
OSV	CVE-2021-22498	19 Jan 202116:15	–	osv
Prion	Xxe	19 Jan 202116:15	–	prion
RedhatCVE	CVE-2021-22498	9 Jan 202611:20	–	redhatcve

NVD

Node

microfocus application_lifecycle_managementRange12.50–12.60

microfocus application_lifecycle_managementRange15.0.0–15.0.1

microfocus application_lifecycle_managementMatch12.60patch1

microfocus application_lifecycle_managementMatch12.60patch2

microfocus application_lifecycle_managementMatch12.60patch3

microfocus application_lifecycle_managementMatch12.60patch4

microfocus application_lifecycle_managementMatch12.60patch5

microfocus application_lifecycle_managementMatch15.0.1patch1

microfocus application_lifecycle_managementMatch15.0.1patch2

microfocus application_lifecycle_managementMatch15.5

[
  {
    "product": "Application Lifecycle Management ( Previously known as Quality Center ).",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Affected versions are:  12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5."
      }
    ]
  }
]

Source	Link
softwaresupport	www.softwaresupport.softwaregrp.com/doc/KM03771781

21 Nov 2024 05:50Current

8High risk

Vulners AI Score8

CVSS 25.5

CVSS 3.18.1

EPSS0.00324

CWE-611