Critical Vulnerabilities Patched in OpenText Enterprise Content Management System By Orbit Brain January 21, 2023 0 185 views Dwelling › VulnerabilitiesImportant Vulnerabilities Patched in OpenText Enterprise Content material Administration SystemBy Eduard Kovacs on January 20, 2023TweetA number of vulnerabilities described as having essential and excessive affect, together with ones permitting unauthenticated distant code execution, have been discovered and patched in OpenText’s enterprise content material administration (ECM) product.The vulnerabilities have been found by a researcher at cybersecurity consultancy Sec Seek the advice of in OpenText’s Prolonged ECM, which is designed for managing the distribution and use of data throughout a company. Particularly, the failings affect the product’s Content material Server element.The safety agency this week revealed three completely different advisories describing its findings.OpenText was knowledgeable concerning the vulnerabilities in October 2022 and patched them earlier this month with the discharge of model 22.4, based on Sec Seek the advice of.One of many essential vulnerabilities, tracked as CVE-2022-45923, can permit an unauthenticated attacker to execute arbitrary code utilizing specifically crafted requests.The second essential flaw, CVE-2022-45927, impacts the Java Frontend of the OpenText Content material Server element and might permit an attacker to bypass authentication. Exploitation may finally result in distant code execution.Sec Seek the advice of has additionally recognized 5 varieties of vulnerabilities within the Content material Server element that may be exploited by authenticated attackers.These points, rated ‘excessive affect’, will be exploited to delete arbitrary recordsdata on the server, escalate privileges, receive doubtlessly priceless info, launch server-side request forgery (SSRF) assaults, and execute arbitrary code.Proof-of-concept (PoC) code is accessible for the high-impact points, however the advisories describing the essential flaws don’t embody PoC code in an effort to forestall malicious exploitation.Associated: Vendor Refuses to Take away Backdoor Account That Can Facilitate Assaults on Industrial CompaniesAssociated: InfiRay Thermal Digicam Flaws Can Enable Hackers to Tamper With Industrial ProcessesAssociated: OpenText Acquires E-mail Safety Agency Zix for $860 MillionGet the Day by day Briefing Most CurrentMost LearnIn-the-Wild Exploitation of Current ManageEngine Vulnerability CommencesSubtle ‘VastFlux’ Advert Fraud Scheme That Spoofed 1,700 Apps DisruptedImportant Vulnerabilities Patched in OpenText Enterprise Content material Administration SystemEU’s Breton Warns TikTok CEO: Comply With New Digital GuidelinesPayPal Warns 35,000 Customers of Credential Stuffing AssaultsRansomware Income Plunged in 2022 as Extra Victims Refuse to Pay Up: ReportChinese language Hackers Exploited Fortinet VPN Vulnerability as Zero-DayA Change in Mindset: From a Risk-based to Threat-based Strategy to SafetyRansomware Shuts A whole lot of Yum Manufacturers Eating places in UKDrupal Patches Vulnerabilities Resulting in Info DisclosureOn the lookout for Malware in All of the Improper Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Laptop Says About YouBe in a Place to Act By way of Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice 12 months To Be a Scammer.Do not Let DNS be Your Single Level of FailureThe way to Establish Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EnticingThe way to Defend Towards DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Considering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseSecurityWeek PodcastShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp CVE-2022-45923 CVE-2022-45927 ECM enterprise content management OpenText patch vulnerabilities Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data BreachIntroducing the Cyber Security News SolarWinds Agrees to Pay $26 Million to Settle Shareholder Lawsuit Over Data Breach.... November 7, 2022 Cyber Security News
US Seizes $3.4 Billion in Bitcoin Stolen From Silk RoadIntroducing the Cyber Security News US Seizes $3.4 Billion in Bitcoin Stolen From Silk Road.... November 8, 2022 Cyber Security News
Huntress Scores $40M Funding, Plans International ExpansionIntroducing the Cyber Security News Huntress Scores $40M Funding, Plans International Expansion.... September 9, 2022 Cyber Security News
State Bar of Georgia Confirms Data Breach Following Ransomware AttackIntroducing the Cyber Security News State Bar of Georgia Confirms Data Breach Following Ransomware Attack.... October 10, 2022 Cyber Security News
Morgan Stanley to Pay $35M Fine for Exposing Information of Millions of CustomersIntroducing the Cyber Security News Morgan Stanley to Pay $35M Fine for Exposing Information of Millions of Customers.... September 21, 2022 Cyber Security News
Vulnerabilities Allow Researcher to Turn Security Products Into WipersIntroducing the Cyber Security News Vulnerabilities Allow Researcher to Turn Security Products Into Wipers.... December 8, 2022 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 76
Ethereum Blockchain Now Has A Modernized Version of Bitcoin (BTC) But With A Much Lower SupplyMarch 9, 2024 71