Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to endpoints, which require a valid AdminPwd cookie, without knowing the password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenText Content Suite Platform 安全漏洞
Vulnerability Description
OpenText Content Suite Platform是OpenText公司的一个顶级的企业内容管理(ECM)系统。可以管理整个企业的信息生命周期,从捕获到存档和处置。 OpenText Content Suite Platform 22.1 版本存在安全漏洞,该漏洞源于即使未输入 Web 管理员密码,ll.KeepAliveSession 的请求处理程序也会设置一个有效的 AdminPwd cookie。 这允许在不知道密码的情况下访问需要有效 AdminPwd cookie 的端点。
CVSS Information
N/A
Vulnerability Type
N/A