FortiClient Vulnerability

OpenText Extended ECM CVE-2022-45928 Remote Code Execution Vulnerability

Description

The OpenText Content Server component of the OpenText Extended ECM has multiple vulnerabilities, which allow the execution of own OScript code in the worst case. The other vulnerabilities include information disclosure, deletion of arbitrary files on the filesystem, getting a valid AdminPwd cookie and evaluation of webreports with a low privilege user.

Affected Applications

OpenText Extended ECM Platform

CVE References

CVE-2022-45922 CVE-2022-45924 CVE-2022-45925 CVE-2022-45926 CVE-2022-45928

Other References

https://sec-consult.com/vulnerability-lab/advisory/multiple-post-authentication-vulnerabilities-including-rce-opentexttm-extended-ecm/

ID	4749
Created	Feb 01, 2023
Description Updated	Aug 18, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	OpenText Corporation
Patch	manual
Application	OpenText Extended ECM Platform

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

OpenText Extended ECM CVE-2022-45928 Remote Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

OpenText Extended ECM CVE-2022-45928 Remote Code Execution Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center