We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-0885

Incorrect Authorization vulnerability affects OpenText™ GroupWise



Description

Incorrect Authorization vulnerability in OpenText™ GroupWise allows Exploiting Incorrectly Configured Access Control Security Levels. The vulnerability could allow unauthorized access to calendar items marked private. This issue affects GroupWise versions 7 through 17.5, 23.4, 24.1, 24.2, 24.3, 24.4.

Reserved 2025-01-30 | Published 2025-07-03 | Updated 2025-07-03 | Assigner OpenText


LOW: 1.8CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:P/AU:Y/R:A/V:D/RE:L/U:Green

Problem types

CWE-863 Incorrect Authorization

Product status

Default status
unaffected

7
affected

23.4
affected

24.1
affected

24.2
affected

24.3
affected

24.4
affected

References

portal.microfocus.com/s/article/KM000041560?language=en_US

cve.org (CVE-2025-0885)

nvd.nist.gov (CVE-2025-0885)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-0885

Support options

Helpdesk Chat, Email, Knowledgebase