Sensitive Server Information Leak in NetIQ Advance Authentication Prior to Version 6.3.5.1
CVE-2021-22529

5.5MEDIUM

Key Information:

Vendor: Opentext
Status: Netiq Advance Authentication
Vendor: CVE Published:; 28 August 2024

Summary

A vulnerability has been identified in NetIQ Advance Authentication that permits the leakage of sensitive server information. This issue impacts versions of the software prior to 6.3.5.1. Organizations utilizing affected versions may face risks related to unauthorized access to critical server data, potentially leading to further security breaches. It is essential for businesses to review their instances of NetIQ Advance Authentication and take necessary steps to secure their systems against this exposure.

Affected Version(s)

NetIQ Advance Authentication Linux 6.3.5.1

References

https://www.netiq.com/documentation/advanced-authenticati...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 28, 2024
Vulnerability Reserved
Jan 5, 2021