github - ghsa-95h2-5c4f-cpvp

ghsa-95h2-5c4f-cpvp

Vulnerability from github

Published

2024-11-22 21:32

Modified

2024-11-22 21:32

Severity ?

5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Details

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.

End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-10863"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-778"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-11-22T16:15:21Z",
    "severity": "MODERATE"
  },
  "details": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before \u003c24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.",
  "id": "GHSA-95h2-5c4f-cpvp",
  "modified": "2024-11-22T21:32:14Z",
  "published": "2024-11-22T21:32:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10863"
    },
    {
      "type": "WEB",
      "url": "https://portal.microfocus.com/s/article/KM000036389?"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

cve-2024-10863

Vulnerability from cvelistv5

Published

2024-11-22 15:36

Modified

2024-11-22 15:36

Severity ?

5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Summary

Client-side audit exclusion vulnerability

References

▼	URL	Tags
	https://portal.microfocus.com/s/article/KM000036389?

Impacted products

▼	Vendor	Product
	OpenText	Secure Content Manager

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Windows"
          ],
          "product": "Secure Content Manager",
          "vendor": "OpenText",
          "versions": [
            {
              "lessThan": "\u003c24.4",
              "status": "affected",
              "version": "10.1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Evan Pearce of CyberCX"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.\u003cp\u003eThis issue affects Secure Content Manager: from 10.1 before \u0026lt;24.4.\u003c/p\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.\u003c/span\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before \u003c24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-268",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-268 Audit Log Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-778",
              "description": "CWE-778: Insufficient Logging",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T15:36:39.075Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "OpenText"
      },
      "references": [
        {
          "url": "https://portal.microfocus.com/s/article/KM000036389?"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact\u003cbr\u003e\u003cbr\u003eApply the following patch builds in your data center.\u003cbr\u003e\u003cbr\u003eSecure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86\u003cbr\u003eSecure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123\u003cbr\u003eSecure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240\u003cbr\u003eSecure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact\n\nApply the following patch builds in your data center.\n\nSecure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86\nSecure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123\nSecure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240\nSecure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Client-side audit exclusion vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "OpenText",
    "cveId": "CVE-2024-10863",
    "datePublished": "2024-11-22T15:36:39.075Z",
    "dateReserved": "2024-11-05T14:11:06.490Z",
    "dateUpdated": "2024-11-22T15:36:39.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted