5.8
CVE-2023-32264
- EPSS 0.04%
- Veröffentlicht 08.03.2024 21:15:06
- Zuletzt bearbeitet 15.04.2026 00:35:42
- Quelle security@opentext.com
- CVE-Watchlists
- Unerledigt
CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstelleremc
≫
Produkt
documentum_d2
Default Statusunknown
Version <=
ce_23.2
Version
16.5.1
Status
affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.133 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security@opentext.com | 5.8 | 1.3 | 4 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:H/A:N
|
CWE-1385 Missing Origin Validation in WebSockets
The product uses a WebSocket, but it does not properly verify that the source of data or communication is valid.