目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

OpenText 厂商漏洞列表 / CVE 中文分析 144

OpenText 厂商相关 144 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

OpenText 主要提供企业级内容管理与信息治理解决方案。其软件历史上频繁出现远程代码执行、跨站脚本及越权访问等高危漏洞,累计收录 CVE 达 144 条。这些缺陷多源于复杂架构中的输入验证缺失或权限配置错误。近期安全事件凸显了其在处理敏感数据时的潜在风险,建议用户及时修补已知漏洞并强化访问控制策略,以保障企业数据资产安全。

上位製品 OpenText: Brava! Desktop iManager NetIQ Advance Authentication eDirectory Flipper AppBuilder OpenText Application Automation Tools ArcSight Enterprise Security Manager Privileged Access Manager ArcSight Intelligence OpenText Content Management NetIQ Access Manager Secure Content Manager OpenText Directory Services Self Service Password Reset Performance Center Dimensions RM ArcSight Management Center PVCS Version Manager Advance Authentication Advanced Authentication OpenText Enterprise Security Manager Identity Manager AzureAD Driver NetIQ Directory and Resource Administrator Identity Manager Advanced Edition Content Server Identity Manager IDM Driver and Extensions Identity Manager REST Driver 1.1.2.0200 Operations Agent
CVE IDタイトルCVSS深刻度公開日
CVE-2021-38135 Possible External service interaction Vulnerability in OpenText iManager — iManagerCWE-918 8.6 High2024-11-22
CVE-2022-26324 Possible XSS in iManager URL for access Component — iManagerCWE-79 7.6 High2024-11-22
CVE-2023-24466 Possible XML External Entity Injection in OpenText iManager — iManagerCWE-611 7.5 High2024-11-22
CVE-2023-24467 Possible Command Injection in OpenText iManager — iManagerCWE-77 8.8 High2024-11-22
CVE-2024-9841 OpenText ArcSight Management Center and ArcSight Platform Stored XSS — ArcSight Management CenterCWE-79 6.1 -2024-11-08
CVE-2020-11859 Potential Cross Site Scripting vulnerability in OpenText iManager — iManagerCWE-79 7.6 High2024-11-06
CVE-2024-4692 Multiple missing permission checks — OpenText Application Automation ToolsCWE-280 4.3AIMediumAI2024-10-16
CVE-2024-4690 Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2024-4211 Multiple missing permission checks — OpenText Application Automation ToolsCWE-280 4.3AIMediumAI2024-10-16
CVE-2024-4189 Multiple XXE sinks in Run LoadRunner script step in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2024-4184 Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2021-22503 Improper Neutralization of Input During Web Page Generation Vulnerability — eDirectoryCWE-79 5.4 Medium2024-09-12
CVE-2021-22518 Sensitive Information logging in NetIQ Identity Manager Driver — Identity Manager AzureAD DriverCWE-532 5.8 Medium2024-09-12
CVE-2021-22532 Possible NLDAP Denial of Service attack Vulnerability — eDirectoryCWE-770 7.6 High2024-09-12
CVE-2021-22533 Possible Insertion of Sensitive Information into Log File Vulnerability — eDirectoryCWE-532 6.5 Medium2024-09-12
CVE-2021-38131 Cross-Site Scripting (XSS) Vulnerability — eDirectoryCWE-79 5.4 Medium2024-09-12
CVE-2021-38132 Possible External service interaction Vulnerability — eDirectoryCWE-918 5.3 Medium2024-09-12
CVE-2021-38133 Possible Improper authentication Vulnerability in OpenText eDirectory — eDirectoryCWE-521 7.4 High2024-09-12
CVE-2022-26322 Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager — Identity Manager REST Driver 1.1.2.0200CWE-532 4.9 Medium2024-09-12
CVE-2021-22509 Handling of sensitive data in process memory in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-312 8.1 High2024-08-28
CVE-2021-22529 Sensitive Data Exposure leaks potential information in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-200 6.3 Medium2024-08-28
CVE-2021-22530 Improper account management vulnerability in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-667 8.2 High2024-08-28
CVE-2021-38120 Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-77 5.1 Medium2024-08-28
CVE-2021-38121 Weak communication protocol identified in Advance Authentication client application — NetIQ Advance AuthenticationCWE-326 8.3 High2024-08-28
CVE-2021-38122 Cross-Site Scripting (XSS) in Advance Authentication — NetIQ Advance AuthenticationCWE-20 6.2 Medium2024-08-28
CVE-2024-4554 Multiple xss vulnerability in NetIQ Access Manager — Access ManagerCWE-79 7.3 High2024-08-28
CVE-2024-4555 User impersonation with MFA when configure in specific way — NetIQ Access ManagerCWE-266 7.7 High2024-08-28
CVE-2024-4556 Directory traversal vulnerability in NetIQ Access Manager — NetIQ Access ManagerCWE-22 5.7 Medium2024-08-28
CVE-2022-26327 Stored cross-site scripting (XSS) has been discovered in OpenText™ Performance Center — Performance CenterCWE-200 7.5 -2024-08-21
CVE-2022-26328 User enumeration vulnerability has been discovered in OpenText™ Performance Center — Performance CenterCWE-79 6.1AIMediumAI2024-08-21

本页汇总了 OpenText 厂商截至目前公开的全部 144 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。