CVE-2024-5532 — MEDIUM (4.8)

Q: How severe is CVE-2024-5532?

CVE-2024-5532 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2024-5532?

Check the references section above for vendor advisories and patch information. Affected products include: Microfocus Operations Agent.

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system. This issue affects Operations Agent: 12.20, 12.21, 12.22, 12.23, 12.24, 12.25, 12.26.

CVSS Score

4.8

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

LOW

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Microfocus	Operations Agent	>= 12.20, <= 12.26

Related Weaknesses (CWE)

CWE-79

References

https://portal.microfocus.com/s/article/KM000035731?language=en_USVendor Advisory

FAQ

What is CVE-2024-5532?

CVE-2024-5532 is a vulnerability with a CVSS score of 4.8 (MEDIUM). Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admi...

How severe is CVE-2024-5532?

CVE-2024-5532 has been rated MEDIUM with a CVSS base score of 4.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-5532?

Check the references section above for vendor advisories and patch information. Affected products include: Microfocus Operations Agent.