NetIQ Advance Authentication Vulnerability Could Lead to User Account Compromise or Server Performance Issues
CVE-2021-22530

9.9CRITICAL

Key Information:

Vendor

Opentext
Status
Netiq Advance Authentication
Vendor
CVE Published:
28 August 2024

What is CVE-2021-22530?

A critical security flaw exists in NetIQ Advance Authentication, which fails to implement effective account lockout mechanisms during brute force attacks on API logins. This oversight may allow unauthorized users to gain access to accounts by incrementally guessing credentials, thereby risking user account compromise and potentially degrading server performance. All versions of NetIQ Advance Authentication prior to 6.3.5.1 are affected, emphasizing the importance of maintaining updated software to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

NetIQ Advance Authentication Linux 6.3.5.1

References

https://www.netiq.com/documentation/advanced-authenticati...

CVSS V3.1

Score:
9.9
Severity:
CRITICAL
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.