CVE-2024-4211
CVE-2024-4211
Título es
CVE-2024-4211
Mié, 16/10/2024 – 17:15
Tipo
CWE-280
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-4211
Descripción en
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels.
Multiple missing permission checks – ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers.
This issue affects OpenText Application Automation Tools: 24.1.0 and below.
16/10/2024
16/10/2024
Vector CVSS:4.0
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:X/V:X/RE:L/U:Clear
Gravedad 4.0
1.80
Gravedad 4.0 txt
LOW
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Enviar en el boletín
Off
