Description

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows and Linux allows users without the appropriate permissions to remove external collaborators. This issue affects Content Server: 20.2-24.4.

PUBLISHED Reserved 2024-12-20 | Published 2025-04-21 | Updated 2025-04-21 | Assigner OpenText




MEDIUM: 5.5 CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H

Problem types

CWE-863 Incorrect Authorization

Product status

Default status: unaffected

20.2-24.4: affected

Credits

Hussein Bahmad (NTT Data) finder

References

support.opentext.com/...henticated&sysparm_article=KB0839115

cve.org (CVE-2024-12862)

nvd.nist.gov (CVE-2024-12862)
