Authentication Bypass Vulnerability in AccuRev for LDAP Integration

CVE-2019-17082

Summary

The insufficiently protected credentials vulnerability in OpenText AccuRev presents a significant security risk, particularly for installations on Linux and Solaris systems. This flaw allows an attacker with knowledge of a valid AccuRev username to gain unauthorized access to AccuRev source control through the AccuRev client, bypassing the need for the user's password. Organizations using AccuRev 2017.1 must take immediate precautions to secure their systems against potential exploitation of this vulnerability.

References