OpenCVE

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact Low

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://portal.microfocus.com/s/article/KM000036389?

History

Tue, 26 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Fri, 22 Nov 2024 15:45:00 +0000

Type	Values Removed	Values Added
Description		: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.
Title		Client-side audit exclusion vulnerability
Weaknesses		CWE-778
References		https://portal.microfocus.com/s/article/KM000036389?
Metrics		cvssV4_0 `{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: OpenText

Published: 2024-11-22T15:36:39.075Z

Updated: 2024-11-26T14:19:22.506Z

Reserved: 2024-11-05T14:11:06.490Z

Link: CVE-2024-10863

Vulnrichment

Updated: 2024-11-22T17:46:11.859Z

NVD

Status : Received

Published: 2024-11-22T16:15:21.257

Modified: 2024-11-22T16:15:21.257

Link: CVE-2024-10863

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-10863", "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "state": "PUBLISHED", "assignerShortName": "OpenText", "dateReserved": "2024-11-05T14:11:06.490Z", "datePublished": "2024-11-22T15:36:39.075Z", "dateUpdated": "2024-11-26T14:19:22.506Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Secure Content Manager", "vendor": "OpenText", "versions": [{"lessThan": "<24.4", "status": "affected", "version": "10.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Evan Pearce of CyberCX"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.<p>This issue affects Secure Content Manager: from 10.1 before <24.4.</p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.</span>\n\n<br>"}], "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side."}], "impacts": [{"capecId": "CAPEC-268", "descriptions": [{"lang": "en", "value": "CAPEC-268 Audit Log Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-778", "description": "CWE-778: Insufficient Logging", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "OpenText", "dateUpdated": "2024-11-22T15:36:39.075Z"}, "references": [{"url": "https://portal.microfocus.com/s/article/KM000036389?"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact<br><br>Apply the following patch builds in your data center.<br><br>Secure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86<br>Secure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123<br>Secure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240<br>Secure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185<br><br>"}], "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact\n\nApply the following patch builds in your data center.\n\nSecure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86\nSecure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123\nSecure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240\nSecure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185"}], "source": {"discovery": "EXTERNAL"}, "title": "Client-side audit exclusion vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-11-22T17:46:06.108331Z", "id": "CVE-2024-10863", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-26T14:19:22.506Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-10863", "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84", "state": "PUBLISHED", "assignerShortName": "OpenText", "dateReserved": "2024-11-05T14:11:06.490Z", "datePublished": "2024-11-22T15:36:39.075Z", "dateUpdated": "2024-11-26T14:19:22.506Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "Secure Content Manager", "vendor": "OpenText", "versions": [{"lessThan": "<24.4", "status": "affected", "version": "10.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Evan Pearce of CyberCX"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.<p>This issue affects Secure Content Manager: from 10.1 before <24.4.</p>\n\n<span style=\"background-color: rgb(255, 255, 255);\">End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.</span>\n\n<br>"}], "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side."}], "impacts": [{"capecId": "CAPEC-268", "descriptions": [{"lang": "en", "value": "CAPEC-268 Audit Log Manipulation"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-778", "description": "CWE-778: Insufficient Logging", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f81092c5-7f14-476d-80dc-24857f90be84", "shortName": "OpenText", "dateUpdated": "2024-11-22T15:36:39.075Z"}, "references": [{"url": "https://portal.microfocus.com/s/article/KM000036389?"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact<br><br>Apply the following patch builds in your data center.<br><br>Secure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86<br>Secure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123<br>Secure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240<br>Secure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185<br><br>"}], "value": "Audit trails will be captured on the server side instead of the client side, thereby eliminating the vulnerability and its impact\n\nApply the following patch builds in your data center.\n\nSecure Content Manager 24.3 Patch 1: Patch 219146 - Content Manager 24.3 Patch 1 Build 86\nSecure Content Manager 24.2 Patch 1: Patch 219145 - Content Manager 24.2 Patch 1 Build 123\nSecure Content Manager 23.4 Patch 2: Patch 1593502 - Content Manager 23.4 Patch 2 Build 240\nSecure Content Manager 10.1 Patch 6: Patch 1593711 \u2013 Content Manager 10.1 Patch 6 Build 1185"}], "source": {"discovery": "EXTERNAL"}, "title": "Client-side audit exclusion vulnerability", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-10863", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-11-22T17:46:06.108331Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-22T17:46:11.859Z"}}]}}

{"descriptions": [{"lang": "en", "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side."}], "id": "CVE-2024-10863", "lastModified": "2024-11-22T16:15:21.257", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "NONE", "vulnerableSystemConfidentiality": "NONE", "vulnerableSystemIntegrity": "LOW"}, "source": "security@opentext.com", "type": "Secondary"}]}, "published": "2024-11-22T16:15:21.257", "references": [{"source": "security@opentext.com", "url": "https://portal.microfocus.com/s/article/KM000036389?"}], "sourceIdentifier": "security@opentext.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-778"}], "source": "security@opentext.com", "type": "Secondary"}]}