CVE-2024-6360 MEDIUM

CVE-2024-6360: Incorrect Permission Assignment for Critical Resource vulnerability has been discovered in OpenText™ Vertica.

Vendor Opentext™
Product Vertica
Weakness CWE-732
Published October 2, 2024
Last update October 2, 2024

CVSS base score

6.9/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:H/SC:L/SI:N/SA:H/AU:Y/R:U/RE:L/U:Green

What the vulnerability does

01Description

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.

Key dates

02Disclosure timeline

October 2, 2024 CVE published
October 2, 2024 Record updated