Vulnerability Description
Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opentext | Appbuilder | >= 21.2, < 23.2 |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cPermissions Required
- https://support.opentext.com/csm?id=ot_kb_search&kb_category=61648712db61781068cPermissions Required
FAQ
What is CVE-2023-4550?
CVE-2023-4550 is a vulnerability with a CVSS score of 7.5 (HIGH). Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated us...
How severe is CVE-2023-4550?
CVE-2023-4550 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-4550?
Check the references section above for vendor advisories and patch information. Affected products include: Opentext Appbuilder, Linux Linux Kernel, Microsoft Windows.