Lucene search

OpenTextCVELIST:CVE-2020-25836

HistoryJul 16, 2024 - 9:21 p.m.

CVE-2020-25836 Potential information leakage resulting in unauthorized access

2024-07-1621:21:27

CWE-200

OpenText

www.cve.org

cve-2020-25836

information leakage

unauthorized access

opentext netiq directory

resource administrator

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

Percentile

9.3%

JSON

Exposure of Sensitive Information
to an Unauthorized Access vulnerability in OpenText NetIQ Directory and
Resource Administrator. This issue affects NetIQ Directory and Resource
Administrator versions prior to 10.0.2 and prior to 9.2.1 Patch 10.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "NetIQ Directory and Resource Administrator",
    "vendor": "OpenText",
    "versions": [
      {
        "lessThan": "<",
        "status": "affected",
        "version": "10.0.2",
        "versionType": "custom"
      },
      {
        "lessThan": "<",
        "status": "affected",
        "version": "9.2.1 Patch 10.",
        "versionType": "custom"
      }
    ]
  }
]

References

www.netiq.com/documentation/directory-and-resource-administrator-10/releasenotes_10.0.2/data/releasenotes_10.0.2.html#b149h4pv