Micro Focus Netiq Advanced Authentication

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Micro Focus Netiq Advanced Authentication.

By the Year

In 2026 there have been 0 vulnerabilities in Micro Focus Netiq Advanced Authentication. Netiq Advanced Authentication did not have any published security vulnerabilities last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	0	0.00
2024	6	7.68
2023	1	9.80
2022	1	6.30
2021	2	6.85
2020	0	0.00
2019	1	5.90

It may take a day or so for new Netiq Advanced Authentication vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Micro Focus Netiq Advanced Authentication Security Vulnerabilities

NetIQ Advance Authentication <6.3.5.1 API Login Lockout Bypass
CVE-2021-22530 9.9 - Critical - August 28, 2024

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1

Improper Restriction of Excessive Authentication Attempts

CVE-2021-38122: XSS in NetIQ Advance Auth Before 6.3.5.1
CVE-2021-38122 8.2 - High - August 28, 2024

A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1

XSS

NetIQ Advance Authentication <6.3.5.1 Weak TLS Protocol
CVE-2021-38121 8.8 - High - August 28, 2024

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1

Inadequate Encryption Strength

NetIQ Advance Auth Bash Cmd Injection pre-6.3.5.1
CVE-2021-38120 7.2 - High - August 28, 2024

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.

Command Injection

NetIQ AA Info Leak before v6.3.5.1
CVE-2021-22529 5.5 - Medium - August 28, 2024

A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1

NetIQ Advance Authentication <=6.3.5.0 Sensitive Data Leakage via Stored Auth Info
CVE-2021-22509 6.5 - Medium - August 28, 2024

A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1

Cleartext Storage of Sensitive Information

Advanced Authentication <6.4.1.1: Broken Access Control
CVE-2023-24468 9.8 - Critical - March 15, 2023

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2

MFA bypass vulnerability allows authentication bypass
CVE-2022-38753 6.3 - Medium - November 28, 2022

This update resolves a multi-factor authentication bypass attack

Multi-Factor Authentication (MFA) functionality can be bypassed
CVE-2021-22515 6.5 - Medium - July 12, 2021

Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.

AuthZ

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.
CVE-2021-22497 7.2 - High - April 12, 2021

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

authentification

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.
CVE-2019-11650 5.9 - Medium - July 10, 2019

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Micro Focus Netiq Advanced Authentication or by Micro Focus? Click the Watch button to subscribe.

Micro Focus
Vendor

Micro Focus Netiq Advanced Authentication
Product

Micro Focus Netiq Advanced Authentication

Don't miss out!

By the Year

Recent Micro Focus Netiq Advanced Authentication Security Vulnerabilities

NetIQ Advance Authentication <6.3.5.1 API Login Lockout Bypass CVE-2021-22530 9.9 - Critical - August 28, 2024

CVE-2021-38122: XSS in NetIQ Advance Auth Before 6.3.5.1 CVE-2021-38122 8.2 - High - August 28, 2024

NetIQ Advance Authentication <6.3.5.1 Weak TLS Protocol CVE-2021-38121 8.8 - High - August 28, 2024

NetIQ Advance Auth Bash Cmd Injection pre-6.3.5.1 CVE-2021-38120 7.2 - High - August 28, 2024

NetIQ AA Info Leak before v6.3.5.1 CVE-2021-22529 5.5 - Medium - August 28, 2024

NetIQ Advance Authentication <=6.3.5.0 Sensitive Data Leakage via Stored Auth Info CVE-2021-22509 6.5 - Medium - August 28, 2024

Advanced Authentication <6.4.1.1: Broken Access Control CVE-2023-24468 9.8 - Critical - March 15, 2023

MFA bypass vulnerability allows authentication bypass CVE-2022-38753 6.3 - Medium - November 28, 2022

Multi-Factor Authentication (MFA) functionality can be bypassed CVE-2021-22515 6.5 - Medium - July 12, 2021

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. CVE-2021-22497 7.2 - High - April 12, 2021

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. CVE-2019-11650 5.9 - Medium - July 10, 2019