CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 3CVE-2022-45924 – OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
https://notcve.org/view.php?id=CVE-2022-45924
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint itemtemplate.createtemplate2 allows a low-privilege user to delete arbitrary files on the server's local filesystem. Se descubrió un problema en OpenText Content Suite Platform 22.1 (16.2.19.1803). El endpoint itemtemplate.createtemplate2 permite a un usuario con pocos privilegios eliminar archivos arbitrarios en el sistema de archivos local del servidor. OpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities. • http://packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html http://seclists.org/fulldisclosure/2023/Jan/14 https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2022-45926 – OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
https://notcve.org/view.php?id=CVE-2022-45926
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint notify.localizeEmailTemplate allows a low-privilege user to evaluate webreports. Se descubrió un problema en OpenText Content Suite Platform 22.1 (16.2.19.1803). El endpoint notify.localizeEmailTemplate permite a un usuario con pocos privilegios evaluar informes web. OpenText Extended ECM versions 16.2.2 through 22.3 suffer from arbitrary file deletion, information disclosure, local file inclusion, and privilege escalation vulnerabilities. • http://packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html http://seclists.org/fulldisclosure/2023/Jan/14 https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2022-45927
https://notcve.org/view.php?id=CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code. Se descubrió un problema en OpenText Content Suite Platform 22.1 (16.2.19.1803). El servidor de aplicaciones Java se puede utilizar para omitir la autenticación de los endpoints QDS del servidor de contenidos. • http://packetstormsecurity.com/files/170614/OpenText-Extended-ECM-22.3-Java-Frontend-Remote-Code-Execution.html http://seclists.org/fulldisclosure/2023/Jan/13 https://sec-consult.com/vulnerability-lab/advisory/pre-authenticated-remote-code-execution-via-java-frontend-qds-endpoint-opentext-extended-ecm • CWE-639: Authorization Bypass Through User-Controlled Key •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2022-45928 – OpenText Extended ECM 22.3 File Deletion / LFI / Privilege Escsalation
https://notcve.org/view.php?id=CVE-2022-45928
A remote OScript execution issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). Multiple endpoints allow the user to pass the parameter htmlFile, which is included in the HTML output rendering pipeline of a request. Because the Content Server evaluates and executes Oscript code in HTML files, it is possible for an attacker to execute Oscript code. The Oscript scripting language allows the attacker (for example) to manipulate files on the filesystem, create new network connections, or execute OS commands. Se descubrió un problema de ejecución remota de OScript en OpenText Content Suite Platform 22.1 (16.2.19.1803). • http://packetstormsecurity.com/files/170615/OpenText-Extended-ECM-22.3-File-Deletion-LFI-Privilege-Escsalation.html http://seclists.org/fulldisclosure/2023/Jan/14 https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31511 – OpenText Brava! Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31511
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. • https://www.cvedetails.com/vulnerability-list/vendor_id-2032/product_id-96672/Opentext-Brava-Desktop.html?page=1&opec=1&order=1&trc=35&sha=37f4ed0596f8ccacca7d571f22a38c97b0f19f4c https://www.opentext.com/products/brava https://www.zerodayinitiative.com/advisories/ZDI-21-689 • CWE-787: Out-of-bounds Write •