Description
An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before 5.1.3.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
High
Attack Requirements
Present
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
None
Integrity (Vulnerable System)
Low
Availability (Vulnerable System)
None
Confidentiality (Subsequent System)
Low
Integrity (Subsequent System)
Low
Availability (Subsequent System)
None
Affected products
- OpenText™ / Access Manager5.1 – 5.1.2