CVE-2024-9432 | THREATINT

Description

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X.

PUBLISHED Reserved 2024-10-02 | Published 2026-01-30 | Updated 2026-01-30 | Assigner OpenText

MEDIUM: 6.9CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H/AU:Y/R:U/RE:L/U:Green

Problem types

CWE-312 Cleartext Storage of Sensitive Information

Product status

Default status

unaffected

23.x (custom)

affected

24.x

affected

25.x

affected

Credits

Davide Brian Di Campi, TIM Security Red Team Research finder

Massimiliano Brolli, TIM Security Red Team Research finder

References

portal.microfocus.com/s/article/KM000044937?language=en_US

cve.org (CVE-2024-9432)

nvd.nist.gov (CVE-2024-9432)

Download JSON