Vulnerabilities > Microfocus > Netiq Advanced Authentication > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-28	CVE-2021-38120	Command Injection vulnerability in Microfocus Netiq Advanced Authentication A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. network low complexity microfocus CWE-77	7.2
2024-08-28	CVE-2021-38121	Inadequate Encryption Strength vulnerability in Microfocus Netiq Advanced Authentication Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1 low complexity microfocus CWE-326	8.8
2024-08-28	CVE-2021-38122	Cross-site Scripting vulnerability in Microfocus Netiq Advanced Authentication A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1 network low complexity microfocus CWE-79	8.2
2021-04-12	CVE-2021-22497	Improper Authentication vulnerability in Microfocus Netiq Advanced Authentication Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. network low complexity microfocus CWE-287	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.