CVE-2023-32260

Summary

Misinterpretation of Input vulnerability in OpenText™ Service Management Automation X (SMAX), OpenText™ Asset Management X (AMX), and OpenText™ Hybrid Cloud Management X (HCMX) products. The vulnerability could allow Input data manipulation.This issue affects Service Management Automation X (SMAX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; Asset Management X (AMX) versions: 2021.08, 2021.11, 2022.05, 2022.11, 2023.05; and Hybrid Cloud Management X (HCMX) versions: 2020.05, 2020.08, 2020.11, 2021.02, 2021.05, 2021.08, 2021.11, 2022.05, 2022.11, 2023.05.

Affected Software

VendorProductVersion RangeStatus
OpenText™Service Management Automation X (SMAX)2020.05affected
OpenText™Service Management Automation X (SMAX)2020.08affected
OpenText™Service Management Automation X (SMAX)2020.11affected
OpenText™Service Management Automation X (SMAX)2021.02affected
OpenText™Service Management Automation X (SMAX)2021.05affected
OpenText™Service Management Automation X (SMAX)2021.08affected
OpenText™Service Management Automation X (SMAX)2021.11affected
OpenText™Service Management Automation X (SMAX)2022.05affected
OpenText™Service Management Automation X (SMAX)2022.11affected
OpenText™Service Management Automation X (SMAX)2023.05affected
OpenText™Asset Management X (AMX)2021.08affected
OpenText™Asset Management X (AMX)2021.11affected
OpenText™Asset Management X (AMX)2022.05affected
OpenText™Asset Management X (AMX)2022.11affected
OpenText™Asset Management X (AMX)2023.05affected
OpenText™Hybrid Cloud Management X (HCMX)2020.05affected
OpenText™Hybrid Cloud Management X (HCMX)2020.08affected
OpenText™Hybrid Cloud Management X (HCMX)2020.11affected
OpenText™Hybrid Cloud Management X (HCMX)2021.02affected
OpenText™Hybrid Cloud Management X (HCMX)2021.05affected
OpenText™Hybrid Cloud Management X (HCMX)2021.08affected
OpenText™Hybrid Cloud Management X (HCMX)2021.11affected
OpenText™Hybrid Cloud Management X (HCMX)2022.05affected
OpenText™Hybrid Cloud Management X (HCMX)2022.11affected
OpenText™Hybrid Cloud Management X (HCMX)2023.05affected

Weaknesses

  • CWE-115: CWE-115 Misinterpretation of Input

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References