Unauthorized Access to Restricted Information via RPC
CVE-2023-38534

7.5HIGH

Key Information:

Vendor: Opentext™
Status: Exceed Turbo X
Vendor: CVE Published:; 13 March 2024

What is CVE-2023-38534?

An improper authentication issue exists in OpenText Exceed Turbo X versions 12.5.0 and 12.5.1. This vulnerability may allow unauthorized access to restricted information through unauthenticated Remote Procedure Call (RPC) mechanisms. Users and organizations utilizing affected versions should assess their systems to mitigate potential risk from this exposure.

Affected Version(s)

Exceed Turbo X 12.5.0

Exceed Turbo X 12.5.1

References

https://support.opentext.com/csm?id=kb_article_view&syspa...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Jul 19, 2023

CVE-2023-38534 Data

JSON

Opentext™

What is CVE-2023-38534?

Affected Version(s)

References

CVSS V3.1

Timeline