Vulnerability in Storing and Reusing Information Leads to Data Leakage
CVE-2021-22509

6.5MEDIUM

Key Information:

Vendor: Opentext
Status: Netiq Advance Authentication
Vendor: CVE Published:; 28 August 2024

Summary

A significant security concern exists in NetIQ Advance Authentication that affects earlier versions prior to 6.3.5.1. The vulnerability arises from improper handling of sensitive information during its storage and reuse, potentially allowing unauthorized users to access confidential data. Organizations using affected versions are at risk of data leakage, which can lead to unauthorized access to critical information managed by the application. It is crucial for users to update to the latest version to mitigate these risks.

Affected Version(s)

NetIQ Advance Authentication Linux 6.3.5.1

References

https://www.netiq.com/documentation/advanced-authenticati...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 28, 2024
Vulnerability Reserved
Jan 5, 2021

Collectors

NVD DatabaseMitre Database