Privilege Escalation Vulnerability in OpenText™ Service Manager
CVE-2025-0884

7.3HIGH

Key Information:

Vendor: Opentext™
Status: Service Manager
Vendor: CVE Published:; 12 March 2025

What is CVE-2025-0884?

An unquoted search path vulnerability exists in OpenText™ Service Manager, which allows unauthorized users to gain SYSTEM privileges through privilege escalation. This issue impacts versions 9.70, 9.71, and 9.72 of the Service Manager.

Affected Version(s)

Service Manager 9.70

Service Manager 9.71

Service Manager 9.72

References

https://portal.microfocus.com/s/article/KM000036731?langu...

CVSS V4

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 12, 2025
Vulnerability Reserved
Jan 30, 2025

Opentext™

What is CVE-2025-0884?

Affected Version(s)

References

CVSS V4

Timeline