HIGH🇬🇧 English

CVE-2024-6361

CVSS 7.3v4.0pub. 2024-08-05upd. 2024-08-28

Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code execution attack.

oryginał EN
CVSS Vector
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:C/RE:M/U:Red
  • Opentext Alm Octane

    APP
    Opentext
    < 23.4
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEXSS
CWE
Referencje

Powiązane podatności

CVE-2023-6123HIGH7.5ten sam produkt

Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The vulnerabilit...

CVE-2022-35898CRITICAL9.8ten sam vendor

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. T...

CVE-2017-5802CRITICAL9.8ten sam vendor

A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was fou...

CVE-2017-14759CRITICAL9.8ten sam vendor

OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 (older versio...

CVE-2017-5586CRITICAL9.8ten sam vendor

OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute arbitrary commands ...