Cross-Site Scripting Vulnerability Affects NetIQ Advance Authentication
CVE-2021-38122

8.2HIGH

Key Information:

Vendor: Opentext
Status: Netiq Advance Authentication
Vendor: CVE Published:; 28 August 2024

Summary

A Cross-Site Scripting vulnerability exists in NetIQ Advance Authentication affecting versions prior to 6.3.5.1. This vulnerability can impact the server's functionality, potentially allowing an attacker to execute arbitrary scripts in the context of the user's session. As a result, sensitive information may be disclosed, posing serious security risks. It is essential for organizations using this product to apply the latest updates to mitigate this vulnerability.

Affected Version(s)

NetIQ Advance Authentication Linux 6.3.5.1

References

https://www.netiq.com/documentation/advanced-authenticati...

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Aug 28, 2024
Vulnerability Reserved
Aug 4, 2021