Information disclosure in Microfocus Netiq_advanced_authentication
CVE-2021-22529
A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1
Vulnerability class: Information Disclosure
EPSS: 0.002 (5.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.3 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Microfocus Netiq_advanced_authentication — versions 6.3
- Opentext Netiq Advance Authentication — versions 6.3.5.1
Weakness classification (CWE)
References
- security@opentext.com (Release Notes)
Frequently asked questions
- What is CVE-2021-22529?
- CVE-2021-22529 is a medium-severity vulnerability in Microfocus Netiq_advanced_authentication, classified under Information Disclosure. CVSS score: 6.3/10. Published 2024-08-28.
- How severe is CVE-2021-22529?
- Medium severity. CVSS v3 base score is 6.3 out of 10.