← voltar
CVE-2025-13478

Cache Misconfiguration Leading to Cross-User Data Exposure

CVSS 8.4 HIGHEPSS 0.3%CWE-522
Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N
Produtos afetados
OpenText · Identity Manager

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://docs.microfocus.com/doc/2159/25.2/cvesecurityfixhttps://docs.microfocus.com/doc/2159/25.2/releasenotesidentitymanager4101patch01