CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38753
https://notcve.org/view.php?id=CVE-2022-38753
28 Nov 2022 — This update resolves a multi-factor authentication bypass attack Esta actualización resuelve un ataque de omisión de autenticación multifactor • https://www.netiq.com/documentation/advanced-authentication-64/advanced-authentication-releasenotes-641/data/advanced-authentication-releasenotes-641.html#t4g4mvd1yivo •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22515 – Multi-Factor Authentication (MFA) downgrade exposure in NetIQ Advanced Authentication Server
https://notcve.org/view.php?id=CVE-2021-22515
12 Jul 2021 — Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. Una funcionalidad de Autenticación Multifactor (MFA) puede ser omitida, permitiendo el uso de la autenticación de un solo factor en NetIQ Advanced Authentication versiones anteriores a 6.3 SP4 Parche 1 • https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6341/data/advanced-authentication-releasenotes-6341.html • CWE-863: Incorrect Authorization •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-22497 – Advanced Authentication Improper Session Management
https://notcve.org/view.php?id=CVE-2021-22497
12 Apr 2021 — Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. Advanced Authentication versiones anteriores a 6.3, SP4, presentan una posible autenticación rota debido a un problema de administración de sesión inapropiada • https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-634/data/advanced-authentication-releasenotes-634.html • CWE-287: Improper Authentication •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11650
https://notcve.org/view.php?id=CVE-2019-11650
10 Jul 2019 — A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Se encontró un potencial ataque de tipo Man in the Middle (MITM) en NetIQ Advanced Authentication Framework versiones anteriores a 6.0. • https://www.netiq.com/documentation/advanced-authentication-60/advanced-authentication-releasenotes-60/data/advanced-authentication-releasenotes-60.html#t49vfiy1udvg •