Insufficient Granularity of Access Control Vulnerability Affects SMAX and AMX
CVE-2023-32259

6.5MEDIUM

Key Information:

Vendor: Opentext™
Status: Service Management Automation X (smax); Asset Management X (amx)
Vendor: CVE Published:; 19 March 2024

What is CVE-2023-32259?

The vulnerability in OpenText Service Management Automation X and Asset Management X arises from insufficient granularity of access control mechanisms. This flaw allows for exploitation through incorrectly configured access control security levels, potentially enabling unauthorized access to sensitive information and resources. The vulnerability affects multiple versions of SMAX and AMX, necessitating timely remediation to uphold data security and compliance standards.

Affected Version(s)

Asset Management X (AMX) 2021.08

Asset Management X (AMX) 2021.11

Asset Management X (AMX) 2022.05

References

https://portal.microfocus.com/s/article/KM000018803?langu...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 19, 2024
Vulnerability Reserved
May 5, 2023

Opentext™

What is CVE-2023-32259?

Affected Version(s)

References

CVSS V3.1

Timeline