{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T08:10:17.954","vulnerabilities":[{"cve":{"id":"CVE-2021-38120","sourceIdentifier":"security@opentext.com","published":"2024-08-28T07:15:07.303","lastModified":"2024-09-13T18:04:28.527","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper\nhandling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1."},{"lang":"es","value":"Una vulnerabilidad identificada en la autenticación avanzada que permite la inyección de comandos bash en la funcionalidad de copia de seguridad controlada administrativamente debido a un manejo inadecuado de los parámetros de comando proporcionados. Este problema afecta a la versión de autenticación avanzada de NetIQ anterior a la 6.3.5.1."}],"metrics":{"cvssMetricV31":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":0.3,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3","matchCriteriaId":"7D8BAEC8-626A-4520-A89F-DB40CC774D87"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*","matchCriteriaId":"689649F7-75D8-4D13-9A71-50C2908EACA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*","matchCriteriaId":"A0F82417-D88A-40C5-AD90-7AB826E29C2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*","matchCriteriaId":"0DD98BB8-7A85-41D6-B1CB-7849D61F085A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*","matchCriteriaId":"729C4860-8CAC-4D4B-8C68-00B1E84E700A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*","matchCriteriaId":"FEFFEB38-B4CA-48ED-9149-073334346CA3"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*","matchCriteriaId":"B14AC9B7-9339-44BA-BF1B-1876DAFBCA14"},{"vulnerable":true,"criteria":"cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*","matchCriteriaId":"4A5CE16C-376A-40C1-83E9-2424AAAB668D"}]}]}],"references":[{"url":"https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html","source":"security@opentext.com","tags":["Release Notes"]}]}}]}