HIGH✓ PATCH🇬🇧 English

CVE-2023-24467

CVSS 8.8v3.1pub. 2024-11-22upd. 2025-04-10

Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Microfocus Imanager

    APP
    Microfocus
    3.2.63.0 – 3.2.6 (bez)
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
Command Injection
CWE
Referencje

Powiązane podatności

CVE-2022-26324HIGH7.6ten sam produkt

Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.

CVE-2021-38116HIGH8.8ten sam produkt

Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This imp...

CVE-2021-38117HIGH8.8ten sam produkt

Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.

CVE-2021-38135HIGH8.6ten sam produkt

Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.000...

CVE-2023-24466HIGH7.5ten sam produkt

Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager ...