Netiq Advanced Authentication Micro Focus Netiq Advanced Authentication

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Micro Focus Netiq Advanced Authentication.

By the Year

In 2025 there have been 0 vulnerabilities in Micro Focus Netiq Advanced Authentication. Last year, in 2024 Netiq Advanced Authentication had 6 security vulnerabilities published. Right now, Netiq Advanced Authentication is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 6 7.68
2023 1 9.80
2022 1 6.30
2021 2 6.85
2020 0 0.00
2019 1 5.90
2018 0 0.00

It may take a day or so for new Netiq Advanced Authentication vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Micro Focus Netiq Advanced Authentication Security Vulnerabilities

A vulnerability identified in NetIQ Advance Authentication

CVE-2021-22530 9.9 - Critical - August 28, 2024

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1

Improper Restriction of Excessive Authentication Attempts

A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication

CVE-2021-38122 8.2 - High - August 28, 2024

A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1

XSS

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices

CVE-2021-38121 8.8 - High - August 28, 2024

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1

Inadequate Encryption Strength

A vulnerability identified in Advance Authentication

CVE-2021-38120 7.2 - High - August 28, 2024

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.

Command Injection

A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information

CVE-2021-22529 5.5 - Medium - August 28, 2024

A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1

A vulnerability identified in storing and reusing information in Advance Authentication

CVE-2021-22509 6.5 - Medium - August 28, 2024

A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1

Cleartext Storage of Sensitive Information

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2

CVE-2023-24468 9.8 - Critical - March 15, 2023

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2

This update resolves a multi-factor authentication bypass attack

CVE-2022-38753 6.3 - Medium - November 28, 2022

This update resolves a multi-factor authentication bypass attack

Multi-Factor Authentication (MFA) functionality can be bypassed

CVE-2021-22515 6.5 - Medium - July 12, 2021

Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.

AuthZ

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

CVE-2021-22497 7.2 - High - April 12, 2021

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.

authentification

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.

CVE-2019-11650 5.9 - Medium - July 10, 2019

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Micro Focus Netiq Advanced Authentication or by Micro Focus? Click the Watch button to subscribe.

Micro Focus
Vendor

subscribe