CVE-2024-1470

EUVD-2024-17220
Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue 

only 

affects NetIQ Client Login Extension: 4.6.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.1 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
OpenTextCNA
7.1 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
Affected Products (NVD)
VendorProductVersion
netiqclient_login_extension
4.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portal.microfocus.com/s/article/KM000026667?language=en_US
https://portal.microfocus.com/s/article/KM000026667?language=en_US