4 results (0.009 seconds)

CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0

This update resolves a multi-factor authentication bypass attack Esta actualización resuelve un ataque de omisión de autenticación multifactor • https://www.netiq.com/documentation/advanced-authentication-64/advanced-authentication-releasenotes-641/data/advanced-authentication-releasenotes-641.html#t4g4mvd1yivo •

CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0

Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. Una funcionalidad de Autenticación Multifactor (MFA) puede ser omitida, permitiendo el uso de la autenticación de un solo factor en NetIQ Advanced Authentication versiones anteriores a 6.3 SP4 Parche 1 • https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6341/data/advanced-authentication-releasenotes-6341.html • CWE-863: Incorrect Authorization •

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0

Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. Advanced Authentication versiones anteriores a 6.3, SP4, presentan una posible autenticación rota debido a un problema de administración de sesión inapropiada • https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-634/data/advanced-authentication-releasenotes-634.html • CWE-287: Improper Authentication •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. Se encontró un potencial ataque de tipo Man in the Middle (MITM) en NetIQ Advanced Authentication Framework versiones anteriores a 6.0. • https://www.netiq.com/documentation/advanced-authentication-60/advanced-authentication-releasenotes-60/data/advanced-authentication-releasenotes-60.html#t49vfiy1udvg •