Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2021-22535

Vulnerability from fkie_nvd - Published: 2021-09-28 14:15 - Updated: 2024-11-21 05:50

Severity ?

4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Summary

Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.

References

	URL	Tags
	security@opentext.com	https://support.microfocus.com/kb/doc.php?id=7025273
	af854a3a-2127-422b-91ae-364da2661108	https://support.microfocus.com/kb/doc.php?id=7025273

Impacted products

	Vendor	Product	Version
	microfocus	netiq_directory_and_resource_administrator	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_directory_and_resource_administrator:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE7D74AE-1A01-44E2-BAF5-78351F7960C8",
              "versionEndExcluding": "10.1.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de divulgaci\u00f3n de seguridad de informaci\u00f3n no autorizada en el producto Micro Focus Directory and Resource Administrator (DRA), que afecta a todas las versiones de DRA anteriores a 10.1 Parche 1. La vulnerabilidad podr\u00eda conllevar a una divulgaci\u00f3n no autorizada de informaci\u00f3n"
    }
  ],
  "id": "CVE-2021-22535",
  "lastModified": "2024-11-21T05:50:17.803",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "ADJACENT_NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 2.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:A/AC:L/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 5.1,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-28T14:15:07.630",
  "references": [
    {
      "source": "security@opentext.com",
      "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
    }
  ],
  "sourceIdentifier": "security@opentext.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2021-22535 (GCVE-0-2021-22535)

Vulnerability from cvelistv5 – Published: 2021-09-28 13:54 – Updated: 2024-08-03 18:44

Summary

Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.

Severity ?

No CVSS data available.

CWE

unauthorized information security disclosure.

Assigner

microfocus

References

URL

Tags

https://support.microfocus.com/kb/doc.php?id=7025273

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Directory and Resource Administrator (DRA)	Affected: All DRA versions prior to 10.1 Patch 1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:44:14.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Directory and Resource Administrator (DRA)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All DRA versions prior to 10.1 Patch 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unauthorized information security disclosure.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-28T13:54:45",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2021-22535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Directory and Resource Administrator (DRA)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All DRA versions prior to 10.1 Patch 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unauthorized information security disclosure."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.microfocus.com/kb/doc.php?id=7025273",
              "refsource": "MISC",
              "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2021-22535",
    "datePublished": "2021-09-28T13:54:45",
    "dateReserved": "2021-01-05T00:00:00",
    "dateUpdated": "2024-08-03T18:44:14.070Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-22535 (GCVE-0-2021-22535)

Vulnerability from nvd – Published: 2021-09-28 13:54 – Updated: 2024-08-03 18:44

Summary

Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure.

Severity ?

No CVSS data available.

CWE

unauthorized information security disclosure.

Assigner

microfocus

References

URL

Tags

https://support.microfocus.com/kb/doc.php?id=7025273

x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Directory and Resource Administrator (DRA)	Affected: All DRA versions prior to 10.1 Patch 1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:44:14.070Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Directory and Resource Administrator (DRA)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "All DRA versions prior to 10.1 Patch 1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "unauthorized information security disclosure.",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-28T13:54:45",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@microfocus.com",
          "ID": "CVE-2021-22535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Directory and Resource Administrator (DRA)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All DRA versions prior to 10.1 Patch 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unauthorized information security disclosure vulnerability on Micro Focus Directory and Resource Administrator (DRA) product, affecting all DRA versions prior to 10.1 Patch 1. The vulnerability could lead to unauthorized information disclosure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "unauthorized information security disclosure."
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.microfocus.com/kb/doc.php?id=7025273",
              "refsource": "MISC",
              "url": "https://support.microfocus.com/kb/doc.php?id=7025273"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2021-22535",
    "datePublished": "2021-09-28T13:54:45",
    "dateReserved": "2021-01-05T00:00:00",
    "dateUpdated": "2024-08-03T18:44:14.070Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

3 vulnerabilities found for netiq_directory_and_resource_administrator by microfocus

FKIE_CVE-2021-22535

CVE-2021-22535 (GCVE-0-2021-22535)

CVE-2021-22535 (GCVE-0-2021-22535)