Opentext

Vertica

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.1

CVE-2025-12453

  • EPSS 0.06%
  • Veröffentlicht 13.03.2026 18:30:53
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS.  The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console ...

5.1

CVE-2025-12454

  • EPSS 0.06%
  • Veröffentlicht 13.03.2026 18:30:40
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS.  The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console ...

5.1

CVE-2025-12455

  • EPSS 0.06%
  • Veröffentlicht 13.03.2026 18:30:27
  • Zuletzt bearbeitet 16.03.2026 14:54:11

Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.   The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, f...

6.9

CVE-2024-9432

  • EPSS 0.01%
  • Veröffentlicht 30.01.2026 18:31:31
  • Zuletzt bearbeitet 04.02.2026 16:34:21

Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data.   The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X.

9.8

CVE-2024-6360

  • EPSS 0.1%
  • Veröffentlicht 02.10.2024 16:15:11
  • Zuletzt bearbeitet 19.11.2025 13:30:31

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11....

9.8

CVE-2023-7248

  • EPSS 0.03%
  • Veröffentlicht 15.03.2024 20:15:07
  • Zuletzt bearbeitet 21.11.2024 08:45:36

Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences. This ...

10

CVE-2017-5802

  • EPSS 0.49%
  • Veröffentlicht 15.02.2018 22:29:06
  • Zuletzt bearbeitet 19.11.2025 13:30:31

A Remote Gain Privileged Access vulnerability in HPE Vertica Analytics Platform version v4.1 and later was found.

10

CVE-2016-2002

  • EPSS 2.94%
  • Veröffentlicht 20.04.2016 17:59:01
  • Zuletzt bearbeitet 19.11.2025 13:23:10

The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7.1.2-12, and 7.2.x before 7.2.2-1 allows remote attackers to execute arbitrary commands via the mcPort parameter, aka ZDI-CAN-3417...

7.5

CVE-2015-6867

  • EPSS 1.26%
  • Veröffentlicht 04.11.2015 03:59:11
  • Zuletzt bearbeitet 19.11.2025 13:23:10

The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows remote attackers to execute arbitrary commands via a crafted packet, aka ZDI-CAN-2914.