1. Home
  2. CVE Database
  3. CVE-2023-7248
MEDIUM · 5.0

CVE-2023-7248

Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowin...

Vulnerability Description

Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences. This issue impacts the following Vertica Management Console versions: 10.x 11.1.1-24 or lower 12.0.4-18 or lower Please upgrade to one of the following Vertica Management Console versions: 10.x to upgrade to latest versions from below. 11.1.1-25 12.0.4-19 23.x 24.x

CVSS Score

5.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality
NONE
Integrity
LOW
Availability
LOW

Affected Products

VendorProductVersions
OpentextVertica>= 10.0.0-0, <= 10.1.1-26

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2023-7248?

CVE-2023-7248 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests.  The vulnerability would affect one of Vertica’s authentication functionalities by allowin...

How severe is CVE-2023-7248?

CVE-2023-7248 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-7248?

Check the references section above for vendor advisories and patch information. Affected products include: Opentext Vertica.