High severity8.0NVD Advisory· Published Dec 19, 2024· Updated Apr 15, 2026

CVE-2024-12111

Description

In a specific scenario a LDAP user can abuse the authentication process using injection attack in OpenText Privileged Access Manager that allows authentication bypass. This issue affects Privileged Access Manager version 23.3(4.4); 24.3(4.5)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.netiq.com/documentation/privileged-access-manager-45/npam_45_releasenotes/data/npam_45_releasenotes.htmlnvd
www.netiq.com/documentation/privileged-account-manager-44/npam_44_releasenotes/data/npam_44_releasenotes.htmlnvd

News mentions

No linked articles in our index yet.

cvss	0.520
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000