CVE-2021-22501 MEDIUM

CVE-2021-22501

Vendor Opentext™
Product Operations Bridge Manager
Weakness CWE-611 · XXE
Published December 19, 2024
Last update December 20, 2024

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:C/RE:M/U:Amber

What the vulnerability does

01Description

Improper Restriction of XML External Entity Reference vulnerability in OpenText™ Operations Bridge Manager allows Input Data Manipulation.  The vulnerability could be exploited to confidential information This issue affects Operations Bridge Manager: 2017.05, 2017.11, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10.

Key dates

02Disclosure timeline

December 19, 2024 CVE published
December 20, 2024 Record updated