Authentication Bypass Vulnerability in OpenText Privileged Access Manager
CVE-2024-12111
8HIGH
Summary
CVE-2024-12111 is a security vulnerability that occurs within the OpenText Privileged Access Manager under specific conditions, enabling LDAP users to exploit the authentication process and gain unauthorized access. This vulnerability impacts Privileged Access Manager versions 23.3 (4.4) and 24.3 (4.5), posing significant risks to organizations utilizing these versions, allowing potential attackers to circumvent security measures and access sensitive information. Organizations are urged to review the security implications of this vulnerability and implement recommended updates to mitigate risks.
Affected Version(s)
Privileged Access Manager Windows 23.3(4.4); 24.3(4.5)
References
CVSS V3.1
Score:
8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database