CVE-2021-22497

Опубликовано: 12 апр. 2021

Источник: nvd

CVSS3: 3.8

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

Конфигурация 1

Одно из

cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*

Версия до 6.3 (исключая)

cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*

cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*

cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*

cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00229

Низкий

3.8 Low

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

CWE-287

GHSA-423x-7gwr-q727

github

больше 3 лет назад

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

EPSS

Процентиль: 46%

0.00229

Низкий

3.8 Low

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

CWE-287