Lucene search

[email protected]NVD:CVE-2021-38121

HistoryAug 28, 2024 - 7:15 a.m.

CVE-2021-38121

2024-08-2807:15:07

CWE-326

[email protected]

web.nvd.nist.gov

netiq advance authentication

insufficient tls

vulnerability

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1

Affected configurations

Nvd

Node

microfocusnetiq_advanced_authenticationRange<6.3

microfocusnetiq_advanced_authenticationMatch6.3-

microfocusnetiq_advanced_authenticationMatch6.3sp1

microfocusnetiq_advanced_authenticationMatch6.3sp2

microfocusnetiq_advanced_authenticationMatch6.3sp3

microfocusnetiq_advanced_authenticationMatch6.3sp4

microfocusnetiq_advanced_authenticationMatch6.3sp4_patch1

microfocusnetiq_advanced_authenticationMatch6.3sp5

VendorProductVersionCPE
microfocusnetiq_advanced_authentication*cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*
microfocusnetiq_advanced_authentication6.3cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*

Vendor	Product	Version	CPE
microfocus	netiq_advanced_authentication	*	cpe:2.3:a:microfocus:netiq_advanced_authentication::::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1::::::
microfocus	netiq_advanced_authentication	6.3	cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5::::::

References

www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html

CVSS3

8.8

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

22.3%

JSON

Related for NVD:CVE-2021-38121

cvelist1 vulnrichment1 cve1