CVE-2023-4550

CVSS V2 None CVSS V3 None

Description

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2.

Overview

CVE ID
CVE-2023-4550

Assigner
OpenText

Vulnerability Status
PUBLISHED

Published Version
2024-01-29T20:56:09.908Z

Last Modified Date
2024-01-29T20:56:09.908Z

Weakness Enumerations

CWE	URL
CWE-20	http://cwe.mitre.org/data/definitions/20.html
CWE-552	http://cwe.mitre.org/data/definitions/552.html

References

Reference URL	Reference Tags
https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-4550
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4550

History

Created	Old Value	New Value	Data Type	Notes
2024-06-24 20:04:06				Added to TrackCVE