CVE-2023-32259

Insufficient Granularity of Access Control vulnerability in OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Service Management Automation X (SMAX) versions 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11; and Asset Management X (AMX) versions 2021.08, 2021.11, 2022.05, 2022.11.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://portal.microfocus.com/s/article/KM000018803?language=en_US
https://portal.microfocus.com/s/article/KM000018803?language=en_US

Configurations

No configuration.

History

21 Nov 2024, 08:02

Type	Values Removed	Values Added
Summary		(es) Vulnerabilidad de granularidad insuficiente del control de acceso en OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX) permite explotar niveles de seguridad de control de acceso configurados incorrectamente. Este problema afecta a Service Management Automation X (SMAX) versiones 2020.05, 2020.08, 2020.11 , 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11; y Asset Management X (AMX) versiones 2021.08, 2021.11, 2022.05, 2022.11.
References	~~() https://portal.microfocus.com/s/article/KM000018803?language=en_US -~~	() https://portal.microfocus.com/s/article/KM000018803?language=en_US -

19 Mar 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-03-19 16:15

Updated : 2024-11-21 08:02

NVD link : CVE-2023-32259

Mitre link : CVE-2023-32259

CVE.ORG link : CVE-2023-32259

JSON object : View

Products Affected

No product.

CWE

CWE-1220

Insufficient Granularity of Access Control

6.5 /10