User Enumeration and Data Integrity Vulnerability in OpenText Content Management
CVE-2024-12543

5.9MEDIUM

Key Information:

Vendor: Opentext
Status: Opentext Content Management
Vendor: CVE Published:; 21 April 2025

Summary

A vulnerability in the barcode functionality of OpenText Content Management (versions 24.3 to 25.1) on both Windows and Linux platforms allows an authenticated attacker to potentially manipulate barcode attributes. This could lead to unauthorized data alterations and expose sensitive information, making it imperative for users to apply necessary patches and safeguard their systems.

Affected Version(s)

OpenText Content Management Windows 24.3-25.1

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated...

CVSS V4

Score:

5.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Apr 21, 2025
Vulnerability Reserved
Dec 11, 2024

Credit

Hussein Bahmad (NTT Data)