Vulnerabilities > CVE-2021-22498 - XXE vulnerability in Microfocus Application Lifecycle Management
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
HIGH Summary
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 12 |