Vulnerabilities > CVE-2021-22521 - Incorrect Authorization vulnerability in Microfocus products

CVSS 6.7 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

microfocus

CWE-863

NVD

Published: 2021-07-30

Updated: 2023-11-07

Summary

A privileged escalation vulnerability has been identified in Micro Focus ZENworks Configuration Management, affecting version 2020 Update 1 and all prior versions. The vulnerability could be exploited to gain unauthorized system privileges.

Vulnerable Configurations

Part	Description	Count
Application	Microfocus Microfocus Zenworks Endpoint Security Management 2020 Microfocus Zenworks Endpoint Security Management - Microfocus Zenworks Configuration Management - Microfocus Zenworks Configuration Management 2020	6

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://support.microfocus.com/kb/doc.php?id=7025205