Lucene search
OpenTextCVELIST:CVE-2020-11846HistoryAug 21, 2024 - 1:37 p.m.
CVE-2020-11846 Improper handling of token allows access to restricted resource in Privileged Access Manager
2024-08-2113:37:11
CWE-269
OpenText
www.cve.org
4
vulnerability
opentext
privileged access manager
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
0.001
Percentile
37.7%
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources.Β This issue affects Privileged Access Manager before 3.7.0.1.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux",
"64 bit",
"32 bit"
],
"product": "Privileged Access Manager",
"vendor": "OpenText",
"versions": [
{
"lessThan": "<",
"status": "affected",
"version": "3.7.0.1",
"versionType": "server"
}
]
}
]Related
cve
cve
CVE-2020-11846
2024-08-21 14:15:07
vulnrichment
vulnrichment
nvd
nvd
CVE-2020-11846
2024-08-21 14:15:07
CVSS3
8.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
0.001
Percentile
37.7%
Related for CVELIST:CVE-2020-11846