Unrestricted Access Vulnerability in OpenText Privileged Access Manager

CVE-2020-11846

7.5HIGH

Key Information

Vendor: Opentext
Status: Privileged Access Manager
Vendor: CVE Published:; 21 August 2024

Summary

A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.

Affected Version(s)

Privileged Access Manager < 3.7.0.1

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 21, 2024
Vulnerability Reserved.
Apr 16, 2020

Collectors

NVD DatabaseMitre Database