CVE-2021-22517
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/08/2021
Last modified:
07/11/2023
Description
A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10, 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.0 and 10.91. A privileged user may potentially misuse this feature and thus allow unintended and unauthorized access of data.
Impact
Base Score 3.x
8.80
Severity 3.x
HIGH
Base Score 2.0
6.50
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:microfocus:data_protector:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.20:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.30:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.40:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.50:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.60:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.70:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.80:*:*:*:*:*:*:* | ||
| cpe:2.3:a:microfocus:data_protector:10.91:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page