{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:10:18.033","vulnerabilities":[{"cve":{"id":"CVE-2021-22530","sourceIdentifier":"security@opentext.com","published":"2024-08-28T07:15:06.750","lastModified":"2024-09-13T17:15:29.670","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1"},{"lang":"es","value":"Una vulnerabilidad identificada en la autenticación avanzada de NetIQ que no aplica el bloqueo de cuenta cuando se realiza un ataque de fuerza bruta en el inicio de sesión basado en API. Este problema puede comprometer la cuenta del usuario si tiene éxito o puede afectar el rendimiento del servidor. Este problema afecta a toda la autenticación avanzada de NetIQ anterior a 6.3.5.1"}],"metrics":{"cvssMetricV31":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.3,"impactScore":5.3},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.3}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-667"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3","matchCriteriaId":"7D8BAEC8-626A-4520-A89F-DB40CC774D87"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*","matchCriteriaId":"689649F7-75D8-4D13-9A71-50C2908EACA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*","matchCriteriaId":"A0F82417-D88A-40C5-AD90-7AB826E29C2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*","matchCriteriaId":"0DD98BB8-7A85-41D6-B1CB-7849D61F085A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*","matchCriteriaId":"729C4860-8CAC-4D4B-8C68-00B1E84E700A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*","matchCriteriaId":"FEFFEB38-B4CA-48ED-9149-073334346CA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*","matchCriteriaId":"B14AC9B7-9339-44BA-BF1B-1876DAFBCA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*","matchCriteriaId":"4A5CE16C-376A-40C1-83E9-2424AAAB668D"}]}]}],"references":[{"url":"https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html","source":"security@opentext.com","tags":["Release Notes"]}]}}]}