CVE-2024-12862

REST API allows users without permissions to remove external collaborators

CVSS 5.5 MEDIUMEPSS 0.2%CWE-863

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4.

CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H

Productos afectados

OpenText · Content Server

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0839115