Privilege Escalation Vulnerability in OpenText™ Service Manager
CVE-2025-0884

7.3HIGH

Key Information:

Vendor
Opentext™
Status
Service Manager
Vendor
CVE Published:
12 March 2025

Summary

An unquoted search path vulnerability exists in OpenText™ Service Manager, which allows unauthorized users to gain SYSTEM privileges through privilege escalation. This issue impacts versions 9.70, 9.71, and 9.72 of the Service Manager.

Affected Version(s)

Service Manager 9.70

Service Manager 9.71

Service Manager 9.72

References

CVSS V4

Score:
7.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.