Hard-coded Cryptographic Key Vulnerability Affects OpenText Exceed Turbo X
CVE-2023-38535

9.8CRITICAL

Key Information:

Vendor: Opentext™
Status: Exceed Turbo X
Vendor: CVE Published:; 13 March 2024

What is CVE-2023-38535?

A vulnerability exists in OpenText™ Exceed Turbo X due to the use of hard-coded cryptographic keys in versions 12.5.1 and 12.5.2. This issue could potentially allow unauthorized access to sensitive cryptographic material, increasing the risk of data compromise. Organizations utilizing affected versions are urged to review their deployment and implement necessary security measures to mitigate risks associated with this vulnerability.

Affected Version(s)

Exceed Turbo X 12.5.1

Exceed Turbo X 12.5.2

References

https://support.opentext.com/csm?id=kb_article_view&syspa...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2024
Vulnerability Reserved
Jul 19, 2023

CVE-2023-38535 Data

JSON

Opentext™

What is CVE-2023-38535?

Affected Version(s)

References

CVSS V3.1

Timeline