Cybersecurity
DevOps Cloud
IT Operations Cloud
The vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system.
A low severity stored XSS vulnerability has been discovered in OpenText Operations Agent.
Systems affected:
OA 12.20, OA 12.21, OA 12.22, OA 12.23,OA 12.24,OA 12.25,OA 12.26
Details:
The vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system.
CVE reference:
CVE-2024-5532
Impact:
The content of the internal status information that OA provides for supportability can be manipulated. There is no further risk regarding confidentiality, integrity and availability as there are no cookies to steal.
Solution:
Upgrade Operations Agent to OA 12.27.
Read the complete knowledge article