Advanced Authentication
by Microfocus
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24468 | Cri | 0.64 | 9.8 | 0.01 | Mar 15, 2023 | Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | ||
| CVE-2022-38753 | Med | 0.41 | 6.3 | 0.00 | Nov 28, 2022 | This update resolves a multi-factor authentication bypass attack | ||
| CVE-2021-22515 | Med | 0.31 | 4.8 | 0.01 | Jul 12, 2021 | Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | ||
| CVE-2021-22497 | Low | 0.25 | 3.8 | 0.01 | Apr 12, 2021 | Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. |
- risk 0.64cvss 9.8epss 0.01
Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
- risk 0.41cvss 6.3epss 0.00
This update resolves a multi-factor authentication bypass attack
- risk 0.31cvss 4.8epss 0.01
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.
- risk 0.25cvss 3.8epss 0.01
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.