Cyber Resilience

CVE-2021-22505

Critical

Published: 13 April 2021

Published
13 April 2021
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0088 75.9th percentile
Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2021-22505 is a critical-severity an unspecified weakness vulnerability in Microfocus Operations Agent. Its CVSS base score is 9.8 (Critical).

Operationally, ranked in the top 24.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

EU & UK References

Vulnerability details

Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

microfocus
operations agent
12.0, 12.01, 12.02, 12.03, 12.04

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References