Lucene search

OpenTextCVELIST:CVE-2023-32268

HistoryDec 06, 2023 - 1:29 p.m.

CVE-2023-32268 Administrator equivalent Filr user can access proxy administrator credentials

2023-12-0613:29:03

CWE-522

OpenText

www.cve.org

exposure of credentials

filr

proxy admin

user access

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

JSON

Exposure of Proxy Administrator Credentials

An authenticated administrator equivalent Filr user can access the credentials of proxy administrators.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "platforms": [
      "64 bit"
    ],
    "product": "Filr",
    "vendor": "OpenText",
    "versions": [
      {
        "lessThanOrEqual": "23.2",
        "status": "affected",
        "version": "5.x",
        "versionType": "rpm"
      }
    ]
  }
]

References

portal.microfocus.com/s/article/KM000020081?language=en_US

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.2 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.3%

JSON

Related for CVELIST:CVE-2023-32268