CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4551 – Command Injection via Task Scheduler
https://notcve.org/view.php?id=CVE-2023-4551
Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating system commands into the executing process. This issue affects AppBuilder: from 21.2 before 23.2. Vulnerabilidad de validación de entrada incorrecta en OpenText AppBuilder en Windows, Linux permite la inyección de comandos del sistema operativo. La funcionalidad Scheduler de AppBuilder que facilita la creación de tareas programadas es vulnerable a la inyección de comandos. Esto permite a los usuarios autenticados inyectar comandos arbitrarios del sistema operativo en el proceso de ejecución. • https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2023-4550 – Unauthenticated Arbitrary File Read
https://notcve.org/view.php?id=CVE-2023-4550
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2. Vulnerabilidad de validación de entrada incorrecta, archivos o directorios accesibles a partes externas en OpenText AppBuilder en Windows, Linux permite sondear archivos del sistema. Un usuario autenticado o no autenticado puede abusar de una página de AppBuilder para leer archivos arbitrarios en el servidor en el que está alojada. Este problema afecta a AppBuilder: desde 21.2 antes de 23.2. • https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cfd6c4e296197b • CWE-20: Improper Input Validation CWE-552: Files or Directories Accessible to External Parties •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-41221
https://notcve.org/view.php?id=CVE-2022-41221
The client in OpenText Archive Center Administration through 21.2 allows XXE attacks. Authenticated users of the OpenText Archive Center Administration client (Versions 16.2.3, 21.2, and older versions) could upload XML files to the application that it did not sufficiently validate. As a result, attackers could craft XML files that, when processed by the application, would cause a negative security impact such as data exfiltration or localized denial of service against the application instance and system of the user running it. • https://labs.withsecure.com/advisories/opentext-archive-center-administration-client-xxe-vulnerability • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31871
https://notcve.org/view.php?id=CVE-2023-31871
OpenText Documentum Content Server before 23.2 has a flaw that allows for privilege escalation from a non-privileged Documentum user to root. The software comes prepackaged with a root owned SUID binary dm_secure_writer. The binary has security controls in place preventing creation of a file in a non-owned directory, or as the root user. However, these controls can be carefully bypassed to allow for an arbitrary file write as root. • https://gist.github.com/picar0jsu/a8e623639da34f36202ce5e436668de7 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-35898
https://notcve.org/view.php?id=CVE-2022-35898
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password operation. This allows any authenticated user to change the password of any other user, including the Administrator account. • https://businessnetwork.opentext.com/b2b-gateway https://hackandpwn.com/disclosures/CVE-2022-35898.pdf • CWE-287: Improper Authentication •