Vulnerability Details CVE-2021-22497
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 47.8%
CVSS Severity
CVSS v3 Score 3.8
CVSS v2 Score 6.5
References
- https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-634/data/advanced-authentication-releasenotes-634.html
- https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-634/data/advanced-authentication-releasenotes-634.html
Products affected by CVE-2021-22497
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:4.11
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:4.12
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1.3
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.3
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.4
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.5
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.6
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.0
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.1
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3