CVE-2022-26323 HIGH

CVE-2022-26323: Incorrect Use of Privileged vulnerability has been discovered on OpenText™ UCMDB and Operation Bridge Manager product.

Vendor Opentext™
Product Operations Bridge Manager
Weakness CWE-648
Published April 17, 2025
Last update April 17, 2025

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:N/R:U/V:C/RE:M/U:Amber

What the vulnerability does

01Description

Incorrect Use of Privileged APIs vulnerability in OpenText™ Operations Bridge Manager, OpenText™ Operations Bridge Suite (Containerized), OpenText™ UCMDB ( Classic and Containerized) allows Privilege Escalation.  The vulnerability could allow authenticated attackers to elevate user privileges. This issue affects Operations Bridge Manager: through 2021.05; Operations Bridge Suite (Containerized): through 2021.05; UCMDB ( Classic and Containerized): through 2021.05.

Key dates

02Disclosure timeline

April 17, 2025 CVE published
April 17, 2025 Record updated