Vulnerability Details : CVE-2023-24468
Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
Products affected by CVE-2023-24468
- cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.4:-:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5_patch1:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5_patch2:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp6:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp6_patch1:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp7:*:*:*:*:*:*
- cpe:2.3:a:microfocus:netiq_advanced_authentication:6.4:sp1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-24468
0.35%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 72 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-24468
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2023-24468
-
https://www.netiq.com/documentation/advanced-authentication-64/advanced-authentication-releasenotes-6411/data/advanced-authentication-releasenotes-6411.html
Advanced Authentication 6.4 Service Pack 1 Patch 1 Release NotesRelease Notes
-
https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6372/data/advanced-authentication-releasenotes-6372.html
Advanced Authentication 6.3 Service Pack 7 Patch 2 Release NotesRelease Notes
Jump to