Unrated severityNVD Advisory· Published Oct 16, 2024· Updated Oct 16, 2024
Multiple missing permission checks
CVE-2024-4692
Description
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels.
Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names.
This issue affects OpenText Application Automation Tools: 24.1.0 and below.
Affected products
2<=24.1.0+ 1 more
- (no CPE)range: <=24.1.0
- (no CPE)range: 24.1.0 and below
Patches
Vulnerability mechanics
References
1News mentions
1- Jenkins Security Advisory 2024-05-24Jenkins Security Advisories · May 24, 2024