PT-2024-9971 · Opentext · Opentext Operations Bridge Manager
Published
2024-12-18
·
Updated
2024-12-19
·
CVE-2021-22501
CVSS v4.0
5.3
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:C/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions:
OpenText Operations Bridge Manager versions 2017.05 through 2020.10
Description:
The issue is related to an Improper Restriction of XML External Entity Reference, which could allow for Input Data Manipulation. This could be exploited to gain unauthorized access to confidential information. The vulnerability can be exploited by a remote attacker.
Recommendations:
For versions 2017.05 through 2020.10, update to a version that includes a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opentext Operations Bridge Manager