Unrated severityNVD Advisory· Published Oct 16, 2024· Updated Oct 16, 2024
Multiple missing permission checks
CVE-2024-4211
Description
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels.
Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers.
This issue affects OpenText Application Automation Tools: 24.1.0 and below.
Affected products
2<=24.1.0+ 1 more
- (no CPE)range: <=24.1.0
- (no CPE)range: 24.1.0 and below
Patches
Vulnerability mechanics
References
1News mentions
1- Jenkins Security Advisory 2024-05-24Jenkins Security Advisories · May 24, 2024