CVE-2024-10863— Client-side audit exclusion vulnerability

EPSS 0.15% · P35 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-10863

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Client-side audit exclusion vulnerability

Source: NVD (National Vulnerability Database)

Vulnerability Description

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

不充分的日志记录

Source: NVD (National Vulnerability Database)

Vulnerability Title

OpenText Secure Content Manager 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

OpenText Secure Content Manager是加拿大OpenText公司的一款企业级内容管理解决方案。 OpenText Secure Content Manager 24.3及之前版本存在安全漏洞，该漏洞源于存在客户端审计排除漏洞，可能会利用该漏洞将审计跟踪排除在客户端记录之外。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
OpenText	Secure Content Manager	10.1 ~ <24.4	-

II. Public POCs for CVE-2024-10863

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-10863

请登录查看更多情报信息。

Same Patch Batch · OpenText · 2024-11-22 · 10 CVEs total

CVE-2021-38117	8.8 HIGH	Possible Remote Code Execution Vulnerability OpenText iManager
CVE-2021-38116	8.8 HIGH	Possible Command injection Vulnerability in OpenText iManager
CVE-2023-24467	8.8 HIGH	Possible Command Injection in OpenText iManager
CVE-2021-38135	8.6 HIGH	Possible External service interaction Vulnerability in OpenText iManager
CVE-2022-26324	7.6 HIGH	Possible XSS in iManager URL for access Component
CVE-2023-24466	7.5 HIGH	Possible XML External Entity Injection in OpenText iManager
CVE-2021-38134	6.1 MEDIUM	Possible Reflected and Stored XSS in OpenText iManager
CVE-2021-38119	6.1 MEDIUM	Possible Reflected Cross-Site Scripting (XSS) Vulnerability in OpenText iManager
CVE-2021-38118	5.5 MEDIUM	Possible Local Privilege Escalation Vulnerability in OpenText iManager

IV. Related Vulnerabilities

Same product: Secure Content Manager

Same vendor: OpenText

Same weakness: CWE-778

V. Comments for CVE-2024-10863

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-10863— Client-side audit exclusion vulnerability

I. Basic Information for CVE-2024-10863

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2024-10863

III. Intelligence Information for CVE-2024-10863

Same Patch Batch · OpenText · 2024-11-22 · 10 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2024-10863

Leave a comment