Environment
ZENworks Configuration Management 2020 Update 1 and all prior versions
ZENworks Endpoint Security Management 2020 Update 1 and all prior versions
Situation
A privileged escalation vulnerability has been identified in the ZENworks Configuration Management and ZENworks Endpoint Security Management products. The vulnerability could be exploited to gain unauthorized system privileges.
Potential Security Impact: Local Vulnerability
Resolution
Micro Focus has made patches available for the following versions:
- ZENworks Configuration Management 2020 Update 1, 2020, 2017 Update 4 FRU1 and 2017 Update 4.
- ZENworks Endpoint Security Management 2020 Update 1, 2020, 2017 Update 4 FRU1 and 2017 Update 4.
Customers are requested to contact Micro Focus Support at the earliest to obtain the patches and steps to mitigate the vulnerability, and deploy the patches in their environment as soon as possible.
Status
Security AlertAdditional Information
CVSS Version 3.1 Metrics:
Reference | V3 Vector | V3 Base Score |
CVE-2021-22521 | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H | 8.2 |