← voltar
CVE-2024-12799

Insufficiently Protected Credentials

CVSS 10 CRITICALEPSS 0.4%CWE-522
Insufficiently Protected Credentials vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux, 64 bit allows Privilege Abuse. This vulnerability could allow an authenticated user to obtain higher privileged user’s sensitive information via crafted payload. This issue affects Identity Manager Advanced Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:H/U:Red
Produtos afetados
OpenText · Identity Manager Advanced Edition

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://portal.microfocus.com/s/article/KM000037455