CVE-2021-38125

Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploited to unauthenticated remote code execution.

Published: Apr 11, 2022
Updated: Apr 14, 2023
CVE: CVE-2021-38125
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microfocus / operations_bridge	2021.08	2021.08.x
microfocus / operations_bridge	2021.05	2021.05.x

https://portal.microfocus.com/s/article/KM000005303?language=en_US

Vulnerability Database

289,697

CVE-2021-38125