PT-2025-16962 · Opentext · Opentext Operations Bridge Suite+2
Published
2025-04-17
·
Updated
2025-04-19
·
CVE-2022-26323
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:C/RE:M/U:Amber |
Name of the Vulnerable Software and Affected Versions
OpenText Operations Bridge Manager versions through 2021.05
OpenText Operations Bridge Suite (Containerized) versions through 2021.05
OpenText UCMDB (Classic and Containerized) versions through 2021.05
Description
The issue allows authenticated attackers to elevate user privileges, potentially leading to privilege escalation. This is due to the incorrect use of privileged APIs.
Recommendations
For OpenText Operations Bridge Manager versions through 2021.05, update to a version later than 2021.05 to resolve the issue.
For OpenText Operations Bridge Suite (Containerized) versions through 2021.05, update to a version later than 2021.05 to resolve the issue.
For OpenText UCMDB (Classic and Containerized) versions through 2021.05, update to a version later than 2021.05 to resolve the issue.
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opentext Operations Bridge Manager
Opentext Operations Bridge Suite
Opentext Ucmdb