exploitDog

GHSA-2mxm-3cxj-6cmp

Опубликовано: 05 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 10

Описание

Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload.

This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.

Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload.

This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.

Ссылки

EPSS

Процентиль: 32%

0.00127

Низкий

10 Critical

CVSS4

CVE ID

Дефекты

CWE-522

Связанные уязвимости

CVE-2024-12799

nvd

11 месяцев назад

Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload. This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.

EPSS

Процентиль: 32%

0.00127

Низкий

10 Critical

CVSS4

CVE ID

Дефекты

CWE-522