Wikis - Page

Knowledge Doc: OpenText™︎ Operations Agent (OA) Security Bulletin - A low severity stored XSS vulnerability has been discovered

2 Likes

The vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system.

Security alert

A low severity stored XSS vulnerability has been discovered in OpenTextTm Operations Agent.

 

Systems affected:

OA 12.20, OA 12.21, OA 12.22, OA 12.23,OA 12.24,OA 12.25,OA 12.26

 

Details:

The vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system. 

CVE reference:

CVE-2024-5532

Impact:

The content of the internal status information that OA provides for supportability can be manipulated. There is no further risk regarding confidentiality, integrity and availability as there are no cookies to steal. 

Solution:

Upgrade Operations Agent to OA 12.27.

Read the complete knowledge article

Labels:

Support Tips/Knowledge Docs
Comment List
Related
Recommended