Description


A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.

Related CPE's


Could not find any relations

Weaknesses



CWE-269

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

8.7 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Undergoing analysis

Published

2024-08-21T14:15:07.737

3 weeks ago

Last modified

2024-08-21T16:06:23.153

3 weeks ago