Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMicrofocus Netiq Advanced Authentication
APPMicrofocus6.36.4< 6.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2021-22509HIGH8.1ten sam produkt
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead t...
CVE-2021-38121HIGH8.3ten sam produkt
Insufficient or weak TLS protocol version identified in Advance authentication client server communication whe...
CVE-2021-22530HIGH8.2ten sam produkt
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute for...
CVE-2021-38120MEDIUM5.1ten sam produkt
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative cont...
CVE-2021-38122MEDIUM6.2ten sam produkt
A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functiona...