Unrated severityNVD Advisory· Published Mar 27, 2026· Updated Mar 27, 2026

Cache Misconfiguration Leading to Cross-User Data Exposure

CVE-2025-13478

Description

Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).

Affected products

VMware/Identity Managerllm-fuzzy
Range: = 25.2(v4.10.1)
OpenText/Identity Managerv5
Range: 25.2(v4.10.1)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.microfocus.com/doc/2159/25.2/releasenotesidentitymanager4101patch01mitrerelease-notes
docs.microfocus.com/doc/2159/25.2/cvesecurityfixmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000