Description
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs.

This issue affects Filr: through 25.1.2.
Published: 2026-03-03
Score: 8.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Authentication Bypass leading to unauthorized RPC execution
Action: Apply Patch
AI Analysis

Impact

The vulnerability is an improper access control flaw that allows an attacker to bypass authentication. By requesting an XSRF token without credentials, an unauthenticated user can then invoke remote procedure calls using a carefully crafted payload, potentially executing arbitrary actions within the Filr instance. The weakness is a missing authorization check (CWE-862) and can compromise the confidentiality and integrity of information and system resources.

Affected Systems

OpenText Filr, versions up to and including 25.1.2, as identified by the vendor and the associated CPE string.

Risk and Exploitability

The CVSS score of 8.3 indicates high severity, but the EPSS value of less than 1% suggests that exploitation is currently unlikely. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities catalog. Based on the description, the likely attack vector is remote over the network: an attacker sends unauthenticated requests to obtain a token and then performs RPC calls. No additional prerequisites are mentioned in the advisory, so a simple network connection to the affected service suffices. The two vectors recorded in the history differ on difficulty: the CVSS 4.0 vector behind the 8.3 score rates attack complexity as high with attack requirements present (AC:H/AT:P), while the CVSS 3.1 vector scores 9.8 with low attack complexity (AC:L).

Generated by OpenCVE AI on April 16, 2026 at 13:51 UTC.

Remediation

Vendor Solution

https://portal.microfocus.com/s/article/KM000045579?language=en_US


OpenCVE Recommended Actions

  • Apply the vendor-supplied patch or upgrade to a version newer than 25.1.2 using the solution link at https://portal.microfocus.com/s/article/KM000045579?language=en_US
  • Configure network or application firewall rules to block unauthenticated access to the XSRF token and RPC endpoints.
  • Disable or limit the XSRF token endpoint for unauthenticated users if possible, ensuring that only authenticated sessions can request tokens or perform RPC operations.

Generated by OpenCVE AI on April 16, 2026 at 13:51 UTC.

Advisories

No advisories yet.

History

Thu, 05 Mar 2026 16:15:00 +0000

  • CPEs (added): cpe:2.3:a:opentext:filr:*:*:*:*:*:*:*:*
  • Metrics (added): cvssV3_1 {'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}


Wed, 04 Mar 2026 17:15:00 +0000

  • Metrics (added): ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 04 Mar 2026 15:00:00 +0000

  • First Time appeared (added): Opentext; Opentext filr
  • Vendors & Products (added): Opentext; Opentext filr

Tue, 03 Mar 2026 22:45:00 +0000

  • Description (added): Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2.
  • Title (added): Improper access control vulnerability has been discovered in OpenText™ Filr.
  • Weaknesses (added): CWE-862
  • References
  • Metrics (added): cvssV4_0 {'score': 8.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/S:P/AU:Y/R:I/V:D/RE:M/U:Red'}


MITRE

Status: PUBLISHED

Assigner: OpenText

Published:

Updated: 2026-03-04T16:26:30.989Z

Reserved: 2026-02-26T14:50:44.358Z

Link: CVE-2026-3266

Vulnrichment

Updated: 2026-03-04T16:26:26.839Z

NVD

Status: Analyzed

Published: 2026-03-03T23:15:56.813

Modified: 2026-03-05T16:03:34.697

Link: CVE-2026-3266

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T14:00:19Z

Weaknesses