CVE-2021-22515 is a vulnerability in Micro Focus Netiq Advanced Authentication
Published on July 12, 2021

Multi-Factor Authentication (MFA) downgrade exposure in NetIQ Advanced Authentication Server
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

HIGH

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

NONE

Availability Impact:

NONE

Products Associated with CVE-2021-22515

Want to know whenever a new CVE is published for Micro Focus Netiq Advanced Authentication? stack.watch will email you.

Micro Focus Netiq Advanced Authentication

Affected Versions

Micro Focus NetIQ Advanced Authentication:

Version NetIQ Advanced Authentication and below 6.3 SP4 Patch 1 is affected.

Exploit Probability

EPSS

0.19%

Percentile

41.13%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-22515 is a vulnerability in Micro Focus Netiq Advanced AuthenticationPublished on July 12, 2021

Vulnerability Analysis

Products Associated with CVE-2021-22515

Affected Versions

Exploit Probability

CVE-2021-22515 is a vulnerability in Micro Focus Netiq Advanced Authentication
Published on July 12, 2021