PT-2021-3857 · Micro Focus · Micro Focus Access Manager

Published: 2021-03-26 · Updated: 2025-03-12 · CVE-2021-22506

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Micro Focus Access Manager versions prior to 5.0

Description

An information leakage vulnerability exists in the Advance configuration of Micro Focus Access Manager. The vulnerability is also related to the implementation of the SAML authentication technology, which insufficiently protects service data, allowing a remote attacker to gain unauthorized access to protected information.

Recommendations

For versions prior to 5.0, update to version 5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and configuring Access Manager to minimize the risk of exploitation. Restrict access to the SAML authentication module to minimize the risk of unauthorized access.

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

BDU:2021-04215
CVE-2021-22506

Affected Products

Micro Focus Access Manager