Arbitrary File Access Vulnerability in OpenText CX-E Voice
CVE-2023-7260

7.5HIGH

Key Information:

Vendor: Opentext™
Status: Cx-e Voice
Vendor: CVE Published:; 22 August 2024

Summary

A Path Traversal vulnerability has been identified in OpenText CX-E Voice, allowing unauthorized users to access restricted system files. This issue impacts all versions of the product up to and including version 22.4. The vulnerability can be exploited by manipulating file paths, enabling an attacker to traverse directories and gain access to files that should be safeguarded. Organizations utilizing OpenText CX-E Voice must take proactive measures to secure their systems against this potential threat.

Affected Version(s)

CX-E Voice all versions <= 22.4

References

https://support.opentext.com/csm?id=kb_article_view&syspa...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 22, 2024
Vulnerability Reserved
May 20, 2024