CVE-2021-38122

A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*

History

13 Sep 2024, 18:03

Type Values Removed Values Added
First Time Microfocus
Microfocus netiq Advanced Authentication
CPE cpe:2.3:a:opentext:netiq_advance_authentication:*:*:*:*:*:*:*:* cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*
cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*

12 Sep 2024, 15:05

Type Values Removed Values Added
CWE CWE-79
References () https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html - () https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html - Release Notes
First Time Opentext
Opentext netiq Advance Authentication
CVSS v2 : unknown
v3 : 6.2
v2 : unknown
v3 : 8.2
CPE cpe:2.3:a:opentext:netiq_advance_authentication:*:*:*:*:*:*:*:*

28 Aug 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de cross site scripting identificada en la autenticación avanzada de NetIQ que afecta la funcionalidad del servidor y revela información confidencial. Este problema afecta a la autenticación avanzada de NetIQ anterior a 6.3.5.1

28 Aug 2024, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-28 07:15

Updated : 2024-09-13 18:03


NVD link : CVE-2021-38122

Mitre link : CVE-2021-38122

CVE.ORG link : CVE-2021-38122


JSON object : View

Products Affected

microfocus

  • netiq_advanced_authentication
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-20

Improper Input Validation