CVE-2024-4211

CVSS V2 None CVSS V3 None

Description

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers. This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Overview

CVE ID
CVE-2024-4211

Assigner
OpenText

Vulnerability Status
PUBLISHED

Published Version
2024-10-16T16:41:20.927Z

Last Modified Date
2024-10-16T18:54:06.989Z

Weakness Enumerations

CWE	URL
CWE-280	http://cwe.mitre.org/data/definitions/280.html

References

Reference URL	Reference Tags
https://portal.microfocus.com/s/article/KM000033543?language=en_US

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-4211
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4211

History

Created	Old Value	New Value	Data Type	Notes
2024-10-17 13:08:07				Added to TrackCVE