Crafted Requests Can Bypass Authentication in OpenText Vertica Management Console
CVE-2023-7248

9.8CRITICAL

Key Information:

Vendor: Opentext
Status: Vertica Management Console
Vendor: CVE Published:; 15 March 2024

What is CVE-2023-7248?

A vulnerability has been identified in the authentication functionality of OpenText Vertica Management Console, where specially crafted requests could potentially bypass security measures. This affects multiple versions of the console, particularly those that are outdated. Affected versions include all versions of 10.x, 11.1.1-24 and lower, as well as 12.0.4-18 and lower. To mitigate this issue, users are advised to upgrade to the latest versions available: 11.1.1-25, 12.0.4-19, or the 23.x and 24.x series. Timely action is crucial to ensure system integrity and security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Vertica Management Console 10.x

Vertica Management Console 11.x <= 11.1.1-24

Vertica Management Console 12.x <= 12.0.4-18

References

https://portal.microfocus.com/s/article/KM000027542?langu...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 15, 2024
Vulnerability Reserved
Feb 26, 2024

JSON

Opentext

What is CVE-2023-7248?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.