CVE-2024-6360

Name of the Vulnerable Software and Affected Versions OpenText Vertica versions 10.0 through 10.X OpenText Vertica versions 11.0 through 11.X OpenText Vertica versions 12.0 through 12.X OpenText Vertica versions 23.0 through 23.X OpenText Vertica versions 24.0 through 24.X

Description The issue is related to an Incorrect Permission Assignment for Critical Resource vulnerability, which could allow Privilege Abuse and result in unauthorized access or privileges to the Vertica agent apikey.

Recommendations For versions 10.0 through 10.X, update to a version that fixes the Incorrect Permission Assignment issue. For versions 11.0 through 11.X, update to a version that fixes the Incorrect Permission Assignment issue. For versions 12.0 through 12.X, update to a version that fixes the Incorrect Permission Assignment issue. For versions 23.0 through 23.X, update to a version that fixes the Incorrect Permission Assignment issue. For versions 24.0 through 24.X, update to a version that fixes the Incorrect Permission Assignment issue. As a temporary workaround, consider restricting access to the Vertica agent apikey to minimize the risk of exploitation.