PT-2024-14952 · Opentext · Opentext Zenworks Configuration Management
Published
2024-03-27
·
Updated
2024-03-27
·
CVE-2023-6400
CVSS v3.1
7.4
High
| Vector | AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
OpenText ZENworks Configuration Management (ZCM) versions 2020 update 3, 23.3, and 23.4
Description
The issue is related to an Incorrect Authorization vulnerability in OpenText ZENworks Configuration Management (ZCM), allowing unauthorized use of device resources.
Recommendations
For version 2020 update 3, update to a version that includes the fix for this issue.
For version 23.3, update to a version that includes the fix for this issue.
For version 23.4, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to device resources to minimize the risk of exploitation.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opentext Zenworks Configuration Management