Vulnerability Details CVE-2021-22515
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.7%
CVSS Severity
CVSS v3 Score 4.8
CVSS v2 Score 4.0
References
- https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6341/data/advanced-authentication-releasenotes-6341.html
- https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6341/data/advanced-authentication-releasenotes-6341.html
Products affected by CVE-2021-22515
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:4.11
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:4.12
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.1.3
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.3
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.4
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.5
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:5.6
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.0
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.1
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.2
-
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3