← volver
CVE-2025-13478

Cache Misconfiguration Leading to Cross-User Data Exposure

CVSS 8.4 HIGHEPSS 0.3%CWE-522
Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Productos afectados
OpenText · Identity Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://docs.microfocus.com/doc/2159/25.2/cvesecurityfixhttps://docs.microfocus.com/doc/2159/25.2/releasenotesidentitymanager4101patch01