CVE-2024-12706

Published: Apr 28, 2025

Modified: Apr 28, 2025

PUBLISHED

Description

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulnerability could allow an authenticated user to run arbitrary SQL commands on the underlying database. This issue affects Digital Asset Management.: through 24.4.

Vendor	Product	Versions
OpenText™	Digital Asset Management.	affected `0 - <= 24.4`

Weaknesses (CWE)

CWE-89

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0840263

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-12706

Description

Affected Products

Weaknesses (CWE)

References