CVE-2025-2236

Summary

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive information while managing and configuring of the external services.

This issue affects Advanced Authentication versions before 6.5.

Affected Software

VendorProductVersion RangeStatus
OpenTextAdvanced Authentication0 < 6.5affected

Weaknesses

  • CWE-497: CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References