CVE-2021-22505
Critical
Published: 13 April 2021
Published
13 April 2021
Modified
21 November 2024
KEV Added
—
Patch
—
CVSS Score v3.1
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.0088
75.9th percentile
Risk Priority
20
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2021-22505 is a critical-severity an unspecified weakness vulnerability in Microfocus Operations Agent. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 24.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-9651
Vulnerability details
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
microfocus
operations agent
12.0, 12.01, 12.02, 12.03, 12.04
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.