CVE-2021-22498

EPSS 0.32% · P55 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-22498

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Micro Focus Application Lifecycle Management 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Micro Focus Application Lifecycle Management是英国Micro Focus公司的一个用于管理和自动化活动、洞察和资产，通过开发、测试和敏捷交付来交付基于需求的应用程序的一个统一的平台。 Micro Focus Application Lifecycle Management 存在代码问题漏洞，该漏洞源于允许XML外部实体注入，以下产品及版本受到影响：12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlie

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	Application Lifecycle Management ( Previously known as Quality Center ).	Affected versions are: 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5.	-

II. Public POCs for CVE-2021-22498

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-22498

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-01-19 · 38 CVEs total

CVE-2020-28477	7.5 HIGH	Prototype Pollution
CVE-2020-28478	7.5 HIGH	Prototype Pollution
CVE-2020-28472	7.3 HIGH	Prototype Pollution
CVE-2020-28480	7.3 HIGH	Prototype Pollution
CVE-2020-28482	5.9 MEDIUM	Cross-site Request Forgery (CSRF)
CVE-2020-28479	5.9 MEDIUM	Denial of Service (DoS)
CVE-2020-28481	5.3 MEDIUM	Insecure Defaults
CVE-2020-27256		多款Sooil产品信任管理问题漏洞
CVE-2021-3184		MISP 跨站脚本漏洞
CVE-2020-27270		多款Sooil产品授权问题漏洞
CVE-2020-27272		多款Sooil产品访问控制错误漏洞
CVE-2020-27276		多款Sooil产品授权问题漏洞
CVE-2021-20190		FasterXML jackson-databind 代码问题漏洞
CVE-2020-8581		Clustered Data ONTAP 安全漏洞
CVE-2021-3183		File.com Fat Client 代码问题漏洞
CVE-2020-27258		多款Sooil产品信息泄露漏洞
CVE-2020-27264		多款Sooil产品安全特征问题漏洞
CVE-2020-11997		Apache Guacamole 安全漏洞
CVE-2020-27266		多款Sooil产品授权问题漏洞
CVE-2020-27268		多款Sooil产品授权问题漏洞

Showing top 20 of 38 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: n/a

V. Comments for CVE-2021-22498

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-22498

I. Basic Information for CVE-2021-22498

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-22498

III. Intelligence Information for CVE-2021-22498

Same Patch Batch · n/a · 2021-01-19 · 38 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-22498

Leave a comment