Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2021-38121
PUBLISHED
More InfoOfficial Page
Assigner-OpenText
Assigner Org ID-f81092c5-7f14-476d-80dc-24857f90be84
View Known Exploited Vulnerability (KEV) details
Published At-28 Aug, 2024 | 06:28
Updated At-28 Aug, 2024 | 13:29
Rejected At-
▼CVE Numbering Authority (CNA)
Weak communication protocol identified in Advance Authentication client application

Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1

Affected Products
Vendor
Open Text CorporationOpenText
Product
NetIQ Advance Authentication
Platforms
  • Windows
  • Linux
  • MacOS
Default Status
unaffected
Versions
Affected
  • From 6.3.5.1 before < (server)
Problem Types
TypeCWE IDDescription
CWECWE-326CWE-326 Inadequate Encryption Strength
Type: CWE
CWE ID: CWE-326
Description: CWE-326 Inadequate Encryption Strength
Metrics
VersionBase scoreBase severityVector
3.18.3HIGH
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Version: 3.1
Base score: 8.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-217CAPEC-217 Exploiting Incorrectly Configured SSL/TLS
CAPEC ID: CAPEC-217
Description: CAPEC-217 Exploiting Incorrectly Configured SSL/TLS
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html
N/A
Hyperlink: https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Micro Focus International Limitedmicrofocus
Product
netiq_advanced_authentication
CPEs
  • cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 0 before 6.3.5.1 (semver)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found