CVE-2024-6359 – Privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2024-6359
Privilege escalation vulnerability identified in OpenText ArcSight Intelligence. • https://portal.microfocus.com/s/article/KM000032594 • CWE-269: Improper Privilege Management •
CVE-2024-6358 – Incorrect Authorization vulnerability
https://notcve.org/view.php?id=CVE-2024-6358
Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence. • https://portal.microfocus.com/s/article/KM000032595 • CWE-863: Incorrect Authorization •
CVE-2024-6361 – Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane product.
https://notcve.org/view.php?id=CVE-2024-6361
Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code execution attack. • https://portal.microfocus.com/s/article/KM000032605?language=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-4187 – Stored XSS vulnerability has been discovered in OpenText™ Filr. The vulnerability could cause users to not be warned when clicking links to external sites.
https://notcve.org/view.php?id=CVE-2024-4187
Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites. • https://portal.microfocus.com/s/article/KM000032291 • CWE-356: Product UI does not Warn User of Unsafe Actions •
CVE-2024-4188 – Security vulnerability exists in Documentum server cloud releases that could allow access to sensitive information which can impact system Operation.
https://notcve.org/view.php?id=CVE-2024-4188
Unprotected Transport of Credentials vulnerability in OpenText™ Documentum™ Server could allow Credential Stuffing.This issue affects Documentum™ Server: from 16.7 through 23.4. • https://support.opentext.com/csm?id=kb_article_view&sysparm_article=KB0815868 • CWE-523: Unprotected Transport of Credentials •