OpenText Advanced Authentication 安全漏洞

OpenText Advanced Authentication is an advanced authentication framework from OpenText Canada. A security vulnerability exists in OpenText Advanced Authentication versions prior to 6.5 that stems from the potential disclosure of sensitive information...

PT-2025-23005 · Opentext · Opentext Advance Authentication

Name of the Vulnerable Software and Affected Versions: OpenText Advanced Authentication versions prior to 6.5 Description: The issue allows exposure of sensitive system information to an unauthorized control sphere, potentially revealing sensitive information during the management and configurati...

CVE-2024-4692

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText...

CVE-2024-4184

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...

CVE-2024-4189

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...

CVE-2024-4690

Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below...

CVE-2024-4556

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1...

CVE-2024-6359

Privilege escalation vulnerability identified in OpenText ArcSight Intelligence...

CVE-2024-6357

Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence...

CVE-2024-6358

Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence...

CVE-2024-7428

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in OpenText™ Network Node Manager i NNMi allows URL Redirector Abuse.This issue affects Network Node Manager i NNMi: 2022.11, 2023.05, 23.4, 24.2...

CVE-2024-7427

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ Network Node Manager i NNMi could allow Cross-Site Scripting XSS.This issue affects Network Node Manager i NNMi: 2022.11, 2023.05, 23.4, 24.2...

CVE-2024-0967

A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Enterprise Security Manager ESM. The vulnerability could be remotely exploited...

CVE-2024-3488

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication...

CVE-2024-3487

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication...

CVE-2024-4187

Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites...

CVE-2024-3484

Path Traversal found in OpenText™ iManager 3.2.6.0200. This can lead to privilege escalation or file disclosure...

CVE-2024-3485

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure...

CVE-2024-5532

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system...

CVE-2024-10923

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in OpenText™ ALM Octane Management allows Stored XSS. The vulnerability could result in a remote code execution attack. This issue affects ALM Octane Management: from 16.2.100 through 24.4...