Vulnerability in Microfocus Netiq_advanced_authentication
CVE-2021-22530
A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server perf…
EPSS: 0.002 (11.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L.
Affected products
- Microfocus Netiq_advanced_authentication — versions 6.3
- Opentext Netiq Advance Authentication — versions 6.3.5.1
Weakness classification (CWE)
References
- security@opentext.com (Release Notes)
Frequently asked questions
- What is CVE-2021-22530?
- CVE-2021-22530 is a high-severity vulnerability in Microfocus Netiq_advanced_authentication, classified under Improper Locking. CVSS score: 8.2/10. Published 2024-08-28.
- How severe is CVE-2021-22530?
- High severity. CVSS v3 base score is 8.2 out of 10.