Vulnerabilities > Opentext

DATE CVE VULNERABILITY TITLE RISK
2024-09-12 CVE-2021-22518 Information Exposure Through Log Files vulnerability in Opentext Identity Manager Azuread Driver
A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file.
local
low complexity
opentext CWE-532
5.5
2024-08-22 CVE-2023-7260 Path Traversal vulnerability in Opentext Cx-E Voice
Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4.
network
low complexity
opentext CWE-22
7.5
2024-08-12 CVE-2023-7249 Path Traversal vulnerability in Opentext Directory Services
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.
network
low complexity
opentext CWE-22
critical
9.8
2024-08-06 CVE-2024-6357 Authorization Bypass Through User-Controlled Key vulnerability in Opentext Arcsight Intelligence
Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence.
network
low complexity
opentext CWE-639
8.8
2024-08-06 CVE-2024-6358 Incorrect Authorization vulnerability in Opentext Arcsight Intelligence
Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence.
network
low complexity
opentext CWE-863
8.8
2024-08-06 CVE-2024-6359 Unspecified vulnerability in Opentext Arcsight Intelligence
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence.
network
low complexity
opentext
critical
9.8
2024-08-05 CVE-2024-6361 Cross-site Scripting vulnerability in Opentext ALM Octane
Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane.
network
low complexity
opentext CWE-79
5.4
2024-07-31 CVE-2024-4187 Cross-site Scripting vulnerability in Opentext Filr 24.1.1/24.2
Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2.
network
low complexity
opentext CWE-79
5.4
2024-03-15 CVE-2023-7248 Unspecified vulnerability in Opentext Vertica
Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences.
network
low complexity
opentext
critical
9.8
2024-02-15 CVE-2023-6123 Cross-site Scripting vulnerability in Opentext ALM Octane
Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The vulnerability could result in a remote code execution attack.
network
low complexity
opentext CWE-79
6.1