PT-2024-10881 · Netiq · Netiq Advance Authentication
Frank Spierings
·
Published
2024-08-27
·
Updated
2024-09-13
·
CVE-2021-22509
CVSS v3.1
8.1
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L |
Name of the Vulnerable Software and Affected Versions
NetIQ Advance Authentication versions prior to 6.3.5.1
Description
A vulnerability identified in storing and reusing information in Advance Authentication can lead to leakage of sensitive data to unauthorized users.
Recommendations
Update to version 6.3.5.1 or later to secure your systems. As a temporary workaround, consider restricting access to sensitive data stored in Advance Authentication until the update is applied.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Netiq Advance Authentication