PT-2024-16600 · Opentext · Opentext Secure Content Manager
Evan Pearce
·
Published
2024-11-22
·
Updated
2024-11-22
·
CVE-2024-10863
CVSS v4.0
5.1
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
OpenText Secure Content Manager versions 10.1 through 24.3
Description
The issue is related to insufficient logging in OpenText Secure Content Manager on Windows, allowing audit log manipulation. This could potentially lead to undetected malicious activity, as end-users may exploit the vulnerability to exclude audit trails from being recorded on the client side.
Recommendations
For OpenText Secure Content Manager versions 10.1 through 24.3, upgrade the affected component immediately to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opentext Secure Content Manager