File Deletion Vulnerability in OpenText Content Suite Platform
CVE-2022-45924

8.1HIGH

Key Information:

Vendor

Opentext
Status
Opentext Extended Ecm
Vendor
CVE Published:
18 January 2023

What is CVE-2022-45924?

A vulnerability exists in the OpenText Content Suite Platform 22.1 (16.2.19.1803) where a low-privilege user can exploit the itemtemplate.createtemplate2 endpoint to delete arbitrary files on the server's local filesystem. This poses significant risks, allowing unauthorized file manipulation, which could lead to data loss or system compromise.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://sec-consult.com/vulnerability-lab/advisory/multip...
http://seclists.org/fulldisclosure/2023/Jan/14
mailing-list
http://packetstormsecurity.com/files/170615/OpenText-Exte...

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.