CVE-2021-38122

MEDIUM

NetIQ Advanced Authentication < 6.3.5.1 - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1

References (1)

Core 1

Scores

CVSS v3 6.2
EPSS 0.0019
EPSS Percentile 41.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-20 CWE-79
Status published
Products (2)
microfocus/netiq_advanced_authentication 6.3 (7 CPE variants)
microfocus/netiq_advanced_authentication < 6.3
Published Aug 28, 2024
Tracked Since Feb 18, 2026