CVE-2022-21536

Name of the Vulnerable Software and Affected Versions Enterprise Manager Base Platform versions 13.4.0.0 through 13.5.0.0

Description The issue exists due to insufficient input validation in the Policy Framework component of the Enterprise Manager Base Platform. This allows a remote attacker to execute arbitrary code via HTTP requests. Successful attacks can result in the takeover of the Enterprise Manager Base Platform. The vulnerability is difficult to exploit and can be used by an unauthenticated attacker with network access via HTTP.

Recommendations For versions 13.4.0.0 and 13.5.0.0, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.