Authorization Flaw in OpenText Content Server REST API for Windows and Linux
CVE-2024-12862

5.5MEDIUM

Key Information:

Vendor: Opentext
Status: Content Server
Vendor: CVE Published:; 21 April 2025

What is CVE-2024-12862?

An authorization vulnerability exists in the OpenText Content Server REST API that permits users lacking proper permissions to remove external collaborators from the system. This issue is particularly pervasive across specific versions of the Content Server operating on Windows and Linux platforms, necessitating immediate attention to mitigate unauthorized access and ensure robust data governance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Content Server Windows 20.2-24.4

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated...

CVSS V4

Score:

5.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2025
Vulnerability Reserved
Dec 20, 2024

JSON

Opentext