Lucene search

OpenTextCVELIST:CVE-2023-32268

HistoryDec 06, 2023 - 1:29 p.m.

CVE-2023-32268 Administrator equivalent Filr user can access proxy administrator credentials

2023-12-0613:29:03

CWE-522

OpenText

www.cve.org

exposure of credentials

filr

proxy admin

user access

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

19.3%

JSON

Exposure of Proxy Administrator Credentials

An authenticated administrator equivalent Filr user can access the credentials of proxy administrators.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "64 bit"
    ],
    "product": "Filr",
    "vendor": "OpenText",
    "versions": [
      {
        "lessThanOrEqual": "23.2",
        "status": "affected",
        "version": "5.x",
        "versionType": "rpm"
      }
    ]
  }
]

References

portal.microfocus.com/s/article/KM000020081?language=en_US

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

High

EPSS

0.001

Percentile

19.3%

JSON

Related for CVELIST:CVE-2023-32268