CVE-2021-38120

Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication

Description

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.

INFO

Published Date :

2024-08-28T06:28:55.684Z

Last Modified :

2024-08-28T13:32:17.979Z

Source :

OpenText

AFFECTED PRODUCTS

The following products are affected by CVE-2021-38120 vulnerability.

Vendors	Products
Microfocus	Netiq Advanced Authentication

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2021-38120.

URL	Resource
https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact