Lucene search

OpenTextCVELIST:CVE-2023-32260

HistoryMar 19, 2024 - 3:54 p.m.

CVE-2023-32260 A potential Misinterpretation of Input vulnerability has been identified in SMAX, AMX, and HCMX products.

2024-03-1915:54:23

CWE-115

OpenText

www.cve.org

misinterpretation of input

smax

amx

hcmx

opentext

service management automation

asset management

hybrid cloud management

data manipulation

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Misinterpretation of Input vulnerability in OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX), and OpenText™ Hybrid Cloud Management X (HCMX) products. The vulnerability could allow Input data manipulation.This issue affects Service Management Automation X (SMAX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; Asset Management X (AMX) versions: 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; and Hybrid Cloud Management X (HCMX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Service Management Automation X (SMAX)",
    "vendor": "OpenText™",
    "versions": [
      {
        "status": "affected",
        "version": "2020.05"
      },
      {
        "status": "affected",
        "version": "2020.08"
      },
      {
        "status": "affected",
        "version": "2020.11"
      },
      {
        "status": "affected",
        "version": "2021.02"
      },
      {
        "status": "affected",
        "version": "2021.05"
      },
      {
        "status": "affected",
        "version": "2021.08"
      },
      {
        "status": "affected",
        "version": "2021.11"
      },
      {
        "status": "affected",
        "version": "2022.05"
      },
      {
        "status": "affected",
        "version": "2022.11"
      },
      {
        "status": "affected",
        "version": "2023.05"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Asset Management X (AMX)",
    "vendor": "OpenText™",
    "versions": [
      {
        "status": "affected",
        "version": "2021.08"
      },
      {
        "status": "affected",
        "version": "2021.11"
      },
      {
        "status": "affected",
        "version": "2022.05"
      },
      {
        "status": "affected",
        "version": "2022.11"
      },
      {
        "status": "affected",
        "version": "2023.05"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Hybrid Cloud Management X (HCMX)",
    "vendor": "OpenText™",
    "versions": [
      {
        "status": "affected",
        "version": "2020.05"
      },
      {
        "status": "affected",
        "version": "2020.08"
      },
      {
        "status": "affected",
        "version": "2020.11"
      },
      {
        "status": "affected",
        "version": "2021.02"
      },
      {
        "status": "affected",
        "version": "2021.05"
      },
      {
        "status": "affected",
        "version": "2021.08"
      },
      {
        "status": "affected",
        "version": "2021.11"
      },
      {
        "status": "affected",
        "version": "2022.05"
      },
      {
        "status": "affected",
        "version": "2022.11"
      },
      {
        "status": "affected",
        "version": "2023.05"
      }
    ]
  }
]

References

portal.microfocus.com/s/article/KM000018804?language=en_US

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2023-32260