← back
CVE-2021-38121

Weak communication protocol identified in Advance Authentication client application

CVSS 8.3 HIGHEPSS 0.2%CWE-326
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 Aug 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
Affected products
OpenText · NetIQ Advance Authentication

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html