OpenText Advanced Authentication SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in OpenText Advanced Authentication versions prior to 6.5. This vulnerability arises from improper neutralization of special elements used in SQL commands, allowing for potential manipulation of SQL queries and execution of unauthorized database commands.
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate SQL queries to the database. This could lead to unauthorized data access, data modification, or in some cases, executing administrative operations on the database.
Remediation
Users are advised to upgrade to OpenText Advanced Authentication version 6.5 or later. Instructions for upgrading can be found in the OpenText Advanced Authentication documentation.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.