CVE-2022-45927

Name of the Vulnerable Software and Affected Versions OpenText Content Suite Platform version 22.1 (16.2.19.1803)

Description An issue in the Java application server allows bypassing authentication of QDS endpoints in the Content Server. These endpoints can be exploited to create objects and execute arbitrary code.

Recommendations For OpenText Content Suite Platform version 22.1 (16.2.19.1803), consider restricting access to the QDS endpoints of the Content Server until a patch is available. As a temporary workaround, disabling the Java application server or limiting its functionality may help minimize the risk of exploitation.