cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-22509,https://securityvulnerability.io/vulnerability/CVE-2021-22509,Vulnerability in Storing and Reusing Information Leads to Data Leakage,"A significant security concern exists in NetIQ Advance Authentication that affects earlier versions prior to 6.3.5.1. The vulnerability arises from improper handling of sensitive information during its storage and reuse, potentially allowing unauthorized users to access confidential data. Organizations using affected versions are at risk of data leakage, which can lead to unauthorized access to critical information managed by the application. It is crucial for users to update to the latest version to mitigate these risks.",Opentext,Netiq Advance Authentication,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-08-28T06:29:42.838Z,0
CVE-2021-22529,https://securityvulnerability.io/vulnerability/CVE-2021-22529,Sensitive Server Information Leak in NetIQ Advance Authentication Prior to Version 6.3.5.1,"A vulnerability has been identified in NetIQ Advance Authentication that permits the leakage of sensitive server information. This issue impacts versions of the software prior to 6.3.5.1. Organizations utilizing affected versions may face risks related to unauthorized access to critical server data, potentially leading to further security breaches. It is essential for businesses to review their instances of NetIQ Advance Authentication and take necessary steps to secure their systems against this exposure.",Opentext,Netiq Advance Authentication,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-28T06:29:33.325Z,0
CVE-2021-22530,https://securityvulnerability.io/vulnerability/CVE-2021-22530,NetIQ Advance Authentication Vulnerability Could Lead to User Account Compromise or Server Performance Issues,"A critical security flaw exists in NetIQ Advance Authentication, which fails to implement effective account lockout mechanisms during brute force attacks on API logins. This oversight may allow unauthorized users to gain access to accounts by incrementally guessing credentials, thereby risking user account compromise and potentially degrading server performance. All versions of NetIQ Advance Authentication prior to 6.3.5.1 are affected, emphasizing the importance of maintaining updated software to mitigate risks associated with this vulnerability.",Opentext,Netiq Advance Authentication,9.9,CRITICAL,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-08-28T06:29:20.166Z,0
CVE-2021-38120,https://securityvulnerability.io/vulnerability/CVE-2021-38120,Backup Functionality Vulnerable to Bash Command Injection via Improper Command Parameter Handling,"A vulnerability in NetIQ Advance Authentication has been identified, allowing for potential bash command injection via improperly handled command parameters. This flaw specifically affects the backup functionalities under administrative control. Administrators utilizing versions of NetIQ Advance Authentication prior to 6.3.5.1 are at risk, as this vulnerability may enable attackers to execute arbitrary commands, thereby compromising the security of the system.",Opentext,Netiq Advance Authentication,7.2,HIGH,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-08-28T06:28:55.684Z,0
CVE-2021-38121,https://securityvulnerability.io/vulnerability/CVE-2021-38121,Insufficient TLS Protocol Version Risk Affects Authentication Client Server Communication,"The vulnerability arises from the use of insufficient or weak TLS protocol versions in the NetIQ Advanced Authentication client-server communication. This weakness can potentially allow attackers to exploit the specific service accessed between devices, making the system vulnerable to interception and unauthorized access. It is crucial for users running versions of NetIQ Advanced Authentication earlier than 6.3.5.1 to address this issue promptly to enhance the security of their authentication systems.",Opentext,Netiq Advance Authentication,8.8,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-08-28T06:28:43.452Z,0
CVE-2021-38122,https://securityvulnerability.io/vulnerability/CVE-2021-38122,Cross-Site Scripting Vulnerability Affects NetIQ Advance Authentication,"A Cross-Site Scripting vulnerability exists in NetIQ Advance Authentication affecting versions prior to 6.3.5.1. This vulnerability can impact the server's functionality, potentially allowing an attacker to execute arbitrary scripts in the context of the user's session. As a result, sensitive information may be disclosed, posing serious security risks. It is essential for organizations using this product to apply the latest updates to mitigate this vulnerability.",Opentext,Netiq Advance Authentication,8.2,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2024-08-28T06:28:29.654Z,0