CVE-2024-4692

CVSS V2 None CVSS V3 None

Description

Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below.

Overview

CVE ID
CVE-2024-4692

Assigner
OpenText

Vulnerability Status
PUBLISHED

Published Version
2024-10-16T16:41:23.529Z

Last Modified Date
2024-10-16T18:13:23.127Z

Weakness Enumerations

CWE	URL
CWE-280	http://cwe.mitre.org/data/definitions/280.html

References

Reference URL	Reference Tags
https://portal.microfocus.com/s/article/KM000033546?language=en_US

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-4692
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4692

History

Created	Old Value	New Value	Data Type	Notes
2024-10-17 13:08:42				Added to TrackCVE