OpenText iManager 3.2.6.0200 Broken Auth via Param Manipulation
CVE-2024-3487 Published on May 15, 2024

Broken Authentication vulnerability in iManager
Broken Authentication vulnerability discovered in OpenText iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication.

NVD

Vulnerability Analysis

Attack Vector:

ADJACENT_NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

LOW

Integrity Impact:

NONE

Availability Impact:

NONE

Weakness Type

What is an authentification Vulnerability?

When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

CVE-2024-3487 has been classified to as an authentification vulnerability or weakness.

Products Associated with CVE-2024-3487

Want to know whenever a new CVE is published for Micro Focus Imanager? stack.watch will email you.

Micro Focus Imanager

Affected Versions

OpenText iManager:

Version 3.0.0, <= 3.2.6.0300 is affected.

microfocus imanager:

Version 3.0, <= 3.2.6.0300 is affected.

Exploit Probability

EPSS

0.09%

Percentile

25.12%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

OpenText iManager 3.2.6.0200 Broken Auth via Param ManipulationCVE-2024-3487 Published on May 15, 2024

Vulnerability Analysis

Weakness Type

What is an authentification Vulnerability?

Products Associated with CVE-2024-3487

Affected Versions

Exploit Probability

OpenText iManager 3.2.6.0200 Broken Auth via Param Manipulation
CVE-2024-3487 Published on May 15, 2024