A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1
Metrics
Affected Vendors & Products
References
History
Fri, 13 Sep 2024 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Microfocus
Microfocus netiq Advanced Authentication |
|
Weaknesses | CWE-307 | |
CPEs | cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:* |
|
Vendors & Products |
Microfocus
Microfocus netiq Advanced Authentication |
Wed, 28 Aug 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 28 Aug 2024 06:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1 | |
Title | Improper account management vulnerability in NetIQ Advance Authentication | |
Weaknesses | CWE-667 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: OpenText
Published: 2024-08-28T06:29:20.166Z
Updated: 2024-08-28T13:31:54.122Z
Reserved: 2021-01-05T18:14:04.352Z
Link: CVE-2021-22530
Vulnrichment
Updated: 2024-08-28T13:31:49.984Z
NVD
Status : Analyzed
Published: 2024-08-28T07:15:06.750
Modified: 2024-09-13T17:15:29.670
Link: CVE-2021-22530
Redhat
No data.