CVE-2021-22498

HIGH

8.1

CVSS Severity Score

EPSS Score0.1430%

EPSS Percentile34.84th

Published2021年1月19日

Last Modified2024年11月21日

Vulnerability Description

XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.

Affected Platforms (CPE)

📦

Microfocus

Application Lifecycle Management

>= 12.50 and <= 12.60

📦

Microfocus

Application Lifecycle Management

>= 15.0.0 and <= 15.0.1

📦

Microfocus

Application Lifecycle Management

= 12.60

📦

Microfocus

Application Lifecycle Management

= 12.60

📦

Microfocus

Application Lifecycle Management

= 12.60

📦

Microfocus

Application Lifecycle Management

= 12.60

📦

Microfocus

Application Lifecycle Management

= 12.60

📦

Microfocus

Application Lifecycle Management

= 15.0.1

📦

Microfocus

Application Lifecycle Management

= 15.0.1

📦

Microfocus

Application Lifecycle Management

= 15.5

References & Advisories

🔗 https://softwaresupport.softwaregrp.com/doc/KM03771781

Vulnerability Description

Affected Platforms (CPE)

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

Application Lifecycle Management

References & Advisories

相关漏洞威胁