PT-2023-14796 · Opentext · Opentext Content Suite Platform

Armin Stock

Publicado

2023-01-18

Atualizado

2023-01-30

CVE-2022-45923

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenText Content Suite Platform version 16.2.19.1803

Description An issue was discovered in the Common Gateway Interface (CGI) program cs.exe, allowing an attacker to increase or decrease an arbitrary memory address by 1 and trigger a call to a method of a vftable with a vftable pointer value chosen by the attacker.

Recommendations For OpenText Content Suite Platform version 16.2.19.1803, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Deserialization of Untrusted Data

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-502

Identificadores relacionados

CVE-2022-45923

Produtos afetados

Opentext Content Suite Platform

PT-2023-14796 · Opentext · Opentext Content Suite Platform

CVE-2022-45923

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7