CVE-2024-12799
Insufficiently Protected Credentials
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 10EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Mar 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Insufficiently Protected Credentials
vulnerability in OpenText Identity Manager Advanced Edition on Windows, Linux,
64 bit allows Privilege Abuse. This vulnerability could allow an
authenticated user to obtain higher privileged user’s sensitive information via
crafted payload.
This issue affects Identity Manager Advanced
Edition: from 4.8.0.0 through 4.8.7.0102, 4.9.0.0.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/S:P/AU:Y/R:U/V:C/RE:H/U:Red
Affected products
OpenText · Identity Manager Advanced EditionWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →