Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Opentext — Vulnerabilities & Security Advisories 144

Browse all 144 CVE security advisories affecting Opentext. AI-powered Chinese analysis, POCs, and references for each vulnerability.

OpenText operates as a global enterprise information management provider, offering solutions for content management, digital asset management, and analytics. Its extensive software portfolio, including Content Server and Exstream, has historically been a frequent target for security researchers, resulting in a significant number of recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes affecting these platforms include remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation or improper access controls. While the company maintains standard security protocols, the sheer volume of its legacy and integrated applications creates a broad attack surface. Recent incidents highlight the critical need for rigorous patch management and continuous monitoring to mitigate risks associated with these complex enterprise systems, ensuring that sensitive data remains protected against evolving cyber threats.

Top products by Opentext: Brava! Desktop iManager NetIQ Advance Authentication eDirectory Flipper AppBuilder OpenText Application Automation Tools ArcSight Enterprise Security Manager Privileged Access Manager ArcSight Intelligence OpenText Content Management NetIQ Access Manager Secure Content Manager OpenText Directory Services Self Service Password Reset Performance Center Dimensions RM ArcSight Management Center PVCS Version Manager Advance Authentication Advanced Authentication OpenText Enterprise Security Manager Identity Manager AzureAD Driver NetIQ Directory and Resource Administrator Identity Manager Advanced Edition Content Server Identity Manager IDM Driver and Extensions Identity Manager REST Driver 1.1.2.0200 Operations Agent
CVE IDTitleCVSSSeverityPublished
CVE-2021-38135 Possible External service interaction Vulnerability in OpenText iManager — iManagerCWE-918 8.6 High2024-11-22
CVE-2022-26324 Possible XSS in iManager URL for access Component — iManagerCWE-79 7.6 High2024-11-22
CVE-2023-24466 Possible XML External Entity Injection in OpenText iManager — iManagerCWE-611 7.5 High2024-11-22
CVE-2023-24467 Possible Command Injection in OpenText iManager — iManagerCWE-77 8.8 High2024-11-22
CVE-2024-9841 OpenText ArcSight Management Center and ArcSight Platform Stored XSS — ArcSight Management CenterCWE-79 6.1 -2024-11-08
CVE-2020-11859 Potential Cross Site Scripting vulnerability in OpenText iManager — iManagerCWE-79 7.6 High2024-11-06
CVE-2024-4692 Multiple missing permission checks — OpenText Application Automation ToolsCWE-280 4.3AIMediumAI2024-10-16
CVE-2024-4690 Insecure usage for DocumentBuilderFactory and TransformerFactory in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2024-4211 Multiple missing permission checks — OpenText Application Automation ToolsCWE-280 4.3AIMediumAI2024-10-16
CVE-2024-4189 Multiple XXE sinks in Run LoadRunner script step in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2024-4184 Multiple XXE sinks in ALM archive post-build step in OpenText Application Automation Tools — OpenText Application Automation ToolsCWE-611 9.8AICriticalAI2024-10-16
CVE-2021-22503 Improper Neutralization of Input During Web Page Generation Vulnerability — eDirectoryCWE-79 5.4 Medium2024-09-12
CVE-2021-22518 Sensitive Information logging in NetIQ Identity Manager Driver — Identity Manager AzureAD DriverCWE-532 5.8 Medium2024-09-12
CVE-2021-22532 Possible NLDAP Denial of Service attack Vulnerability — eDirectoryCWE-770 7.6 High2024-09-12
CVE-2021-22533 Possible Insertion of Sensitive Information into Log File Vulnerability — eDirectoryCWE-532 6.5 Medium2024-09-12
CVE-2021-38131 Cross-Site Scripting (XSS) Vulnerability — eDirectoryCWE-79 5.4 Medium2024-09-12
CVE-2021-38132 Possible External service interaction Vulnerability — eDirectoryCWE-918 5.3 Medium2024-09-12
CVE-2021-38133 Possible Improper authentication Vulnerability in OpenText eDirectory — eDirectoryCWE-521 7.4 High2024-09-12
CVE-2022-26322 Possible Insertion of Sensitive Information into Log File Vulnerability in Identity Manager — Identity Manager REST Driver 1.1.2.0200CWE-532 4.9 Medium2024-09-12
CVE-2021-22509 Handling of sensitive data in process memory in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-312 8.1 High2024-08-28
CVE-2021-22529 Sensitive Data Exposure leaks potential information in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-200 6.3 Medium2024-08-28
CVE-2021-22530 Improper account management vulnerability in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-667 8.2 High2024-08-28
CVE-2021-38120 Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication — NetIQ Advance AuthenticationCWE-77 5.1 Medium2024-08-28
CVE-2021-38121 Weak communication protocol identified in Advance Authentication client application — NetIQ Advance AuthenticationCWE-326 8.3 High2024-08-28
CVE-2021-38122 Cross-Site Scripting (XSS) in Advance Authentication — NetIQ Advance AuthenticationCWE-20 6.2 Medium2024-08-28
CVE-2024-4554 Multiple xss vulnerability in NetIQ Access Manager — Access ManagerCWE-79 7.3 High2024-08-28
CVE-2024-4555 User impersonation with MFA when configure in specific way — NetIQ Access ManagerCWE-266 7.7 High2024-08-28
CVE-2024-4556 Directory traversal vulnerability in NetIQ Access Manager — NetIQ Access ManagerCWE-22 5.7 Medium2024-08-28
CVE-2022-26327 Stored cross-site scripting (XSS) has been discovered in OpenText™ Performance Center — Performance CenterCWE-200 7.5 -2024-08-21
CVE-2022-26328 User enumeration vulnerability has been discovered in OpenText™ Performance Center — Performance CenterCWE-79 6.1AIMediumAI2024-08-21

This page lists every published CVE security advisory associated with Opentext. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.