CVE-2024-12111

Name of the Vulnerable Software and Affected Versions OpenText Privileged Access Manager versions 23.3(4.4) through 24.3(4.5)

Description In a specific scenario, a LDAP user can abuse the authentication process in OpenText Privileged Access Manager, allowing authentication bypass.

Recommendations For versions 23.3(4.4) and 24.3(4.5), consider temporarily restricting access to the authentication process until a patch is available. As a temporary workaround, consider disabling the LDAP authentication feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.