CVE-2024-8125

Published: Feb 4, 2025

Modified: Feb 4, 2025

PUBLISHED

Description

Improper Validation of Specified Type of Input vulnerability in OpenText™ Content Management (Extended ECM) allows Parameter Injection. A bad actor with the required OpenText Content Management privileges (not root) could expose the vulnerability to carry out a remote code execution attack on the target system. This issue affects Content Management (Extended ECM): from 10.0 through 24.4 with WebReports module installed and enabled.

Vendor	Product	Versions
OpenText™	Content Management (Extended ECM)	affected `10.0 - <= 24.4`

Weaknesses (CWE)

CWE-1287

References

https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0834058

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-8125

Description

Affected Products

Weaknesses (CWE)

References