Vulnerability CVE-2022-45927


Published: 2023-01-18

Description:
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code.

See advisories in our WLB2 database:
Topic
Author
Date
High
OpenText Extended ECM 22.3 Java Frontend Remote Code Execution
Armin Stock
22.01.2023

 References:
https://sec-consult.com/vulnerability-lab/advisory/pre-authenticated-remote-code-execution-via-java-frontend-qds-endpoint-opentext-extended-ecm/

Copyright 2024, cxsecurity.com

 

Back to Top