Path Traversal Vulnerability in OpenText iManager Could Lead to Privilege Escalation or File Disclosure
CVE-2024-3484

9.8CRITICAL

Key Information:

Vendor: Opentext
Status: Imanager
Vendor: CVE Published:; 15 May 2024

Summary

A path traversal vulnerability exists in OpenText™ iManager version 3.2.6.0200, allowing an attacker to exploit this flaw and potentially escalate their privileges or access sensitive files. By manipulating directory traversal mechanisms, unauthorized users could gain access to restricted areas, inadvertently exposing critical data.

Affected Version(s)

iManager Windows 3.0.0 <= 3.2.6.0300

References

https://www.netiq.com/documentation/imanager-32/imanager3...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 15, 2024
Vulnerability Reserved
Apr 8, 2024

Credit

Blaine Herro (Yahoo! Inc. VRT)