CVE-2025-13478

Vulnerability Description

Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).

Related Weaknesses (CWE)

CWE-522

References

https://docs.microfocus.com/doc/2159/25.2/cvesecurityfix
https://docs.microfocus.com/doc/2159/25.2/releasenotesidentitymanager4101patch01

FAQ

What is CVE-2025-13478?

CVE-2025-13478 is a documented vulnerability. Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. Thi...

How severe is CVE-2025-13478?

CVSS scoring is not yet available for CVE-2025-13478. Check NVD for updates.

Is there a patch for CVE-2025-13478?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.