← volver
CVE-2024-12799

Insufficiently Protected Credentials

CVSS 10 CRITICALEPSS 0.4%CWE-522
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload. This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:H/U:Red
Productos afectados
OpenText · Identity Manager Advanced Edition

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://portal.microfocus.com/s/article/KM000037455