CVE-2024-3485 MEDIUM

CVE-2024-3485: Server-Side Request Forgery vulnerability in iManager

Vendor Opentext
Product iManager
Weakness CWE-918 · SSRF
Published May 15, 2024
Last update August 1, 2024
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

What the vulnerability does

01Description

Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure.

Key dates

02Disclosure timeline

May 15, 2024 CVE published
August 1, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-2940 Ninja Tables – Easy Data Table Builder <= 5.0.18 - Unauthenticated Server-Side Request Forgery CVE-2025-59088 Python-kdcproxy: unauthenticated ssrf via realm‑controlled dns srv CVE-2023-21761 Microsoft Exchange Server Information Disclosure Vulnerability CVE-2024-38730 WordPress Magical Addons For Elementor plugin <= 1.1.41 - Server Side Request Forgery (SSRF) vulnerability CVE-2026-32279 Connect CMS has SSRF in the External Page Migration Feature of its Page Management Plugin