CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
AI Score
Confidence
Low
EPSS
Percentile
22.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1
[
{
"cpes": [
"cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*"
],
"vendor": "microfocus",
"product": "netiq_advanced_authentication",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "6.3.5.1",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
}
]
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L
AI Score
Confidence
Low
EPSS
Percentile
22.3%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total