Uncontrolled Search Path Element Vulnerability in OpenText Secure Content Manager for Windows
CVE-2024-12530

7HIGH

Key Information:

Vendor: Opentext
Status: Secure Content Manager
Vendor: CVE Published:; 17 April 2025

Summary

An uncontrolled search path element vulnerability has been identified in OpenText Secure Content Manager specifically for Windows systems. This security flaw enables DLL side-loading, which could allow an attacker to execute malicious code within the application’s trusted environment. Utilizing this vulnerability, end-users might unwittingly load malicious libraries through the application, potentially leading to unauthorized actions and data exposure. It is crucial for users and administrators of the affected product version to assess their security configurations and implement necessary mitigation strategies.

Affected Version(s)

Secure Content Manager Windows 23.4

References

https://portal.microfocus.com/s/article/KM000040073?

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Apr 17, 2025
Vulnerability Reserved
Dec 11, 2024

Credit

Kirwin Webb of Dvuln