CVSS: 10.0EPSS: 0%CPEs: 25EXPL: 0CVE-2023-4501 – Authentication bypass in OpenText (Micro Focus) Enterprise Server
https://notcve.org/view.php?id=CVE-2023-4501
12 Sep 2023 — User authentication with username and password credentials is ineffective in OpenText (Micro Focus) Visual COBOL, COBOL Server, Enterprise Developer, and Enterprise Server (including product variants such as Enterprise Test Server), versions 7.0 patch updates 19 and 20, 8.0 patch updates 8 and 9, and 9.0 patch update 1, when LDAP-based authentication is used with certain configurations. When the vulnerability is active, authentication succeeds with any valid username, regardless of whether the password is c... • https://portal.microfocus.com/s/article/KM000021287 • CWE-253: Incorrect Check of Function Return Value CWE-287: Improper Authentication CWE-305: Authentication Bypass by Primary Weakness CWE-358: Improperly Implemented Security Check for Standard •