Lucene search

OpenTextCVELIST:CVE-2021-38133

HistorySep 12, 2024 - 12:41 p.m.

CVE-2021-38133 Possible Improper authentication Vulnerability in OpenText eDirectory

2024-09-1212:41:46

CWE-521

OpenText

www.cve.org

cve-2021-38133

improper authentication

opentext edirectory

external service interaction

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

Possible
External Service Interaction attack

in eDirectory has been discovered in
OpenText™ eDirectory. This impact all version before 9.2.6.0000.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "Windows",
      "Linux",
      "64 bit"
    ],
    "product": "eDirectory",
    "vendor": "OpenText",
    "versions": [
      {
        "lessThanOrEqual": "9.2.5.0000",
        "status": "affected",
        "version": "9.2.0",
        "versionType": "rpm, exe"
      }
    ]
  }
]

References

www.netiq.com/documentation/edirectory-92/edirectory926_releasenotes/data/edirectory926_releasenotes.html

CVSS3

7.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

EPSS

0.001

Percentile

37.7%

JSON

Related for CVELIST:CVE-2021-38133