Advanced Authentication Improper Session Management
CVE-2021-22497
3.8LOW
What is CVE-2021-22497?
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.
Affected Version(s)
Advanced Authentication All Advanced Authentication < 6.3 SP4
References
CVSS V3.1
Score:
3.8
Severity:
LOW
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Physical
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
We would like to offer a special thank you to Syed Sohaib Karim <[email protected] for responsibly disclosing this vulnerability to us.