OpenText Operations Bridge Manager Incorrect Authorization Vulnerability Allowing Password Changes

Vulnerability

An incorrect authorization vulnerability has been identified in OpenText Operations Bridge Manager versions 24.2 and 24.4. It allows authenticated users to change their passwords without providing their previous password. The issue affects installations on both Windows and Linux.
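The class of flaw described above, as a constructed example added here (it is not OpenText code; the function names, the in-memory store and the PBKDF2 parameters are assumptions): a password-change handler that trusts the session alone, beside one that re-verifies the current password before replacing it.

```python
import hashlib
import hmac
import os

# Constructed in-memory credential store, for illustration only.
USERS = {}

def hash_password(password: str, salt: bytes) -> bytes:
    # PBKDF2-HMAC-SHA256 from the standard library; iteration count is illustrative.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def create_user(name: str, password: str) -> None:
    salt = os.urandom(16)
    USERS[name] = (salt, hash_password(password, salt))

def check_password(name: str, password: str) -> bool:
    if name not in USERS:
        return False
    salt, stored = USERS[name]
    # Constant-time comparison of the derived keys.
    return hmac.compare_digest(stored, hash_password(password, salt))

def change_password_flawed(session_user: str, new_password: str) -> bool:
    # Flawed pattern: an authenticated session alone is enough to
    # replace the credential; the previous password is never asked for.
    create_user(session_user, new_password)
    return True

def change_password_checked(session_user: str, current_password: str,
                            new_password: str) -> bool:
    # Hardened pattern: re-verify the current password on the server
    # before the stored credential is replaced.
    if not check_password(session_user, current_password):
        return False
    create_user(session_user, new_password)
    return True

if __name__ == "__main__":
    create_user("alice", "old-pass")  # constructed sample account
    print("flawed, no old password:", change_password_flawed("alice", "x1"))
    create_user("bob", "old-pass")    # constructed sample account
    print("checked, wrong old password:",
          change_password_checked("bob", "guess", "x2"))
    print("checked, right old password:",
          change_password_checked("bob", "old-pass", "x2"))
```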

Impact

Exploitation of this vulnerability could lead to unauthorized password changes, potentially allowing users to gain access to accounts they do not own.

Remediation

Users are advised to upgrade to OpenText Operations Bridge Manager version 25.2 or later. If upgrading is not possible, a hotfix is available by contacting OpenText support.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 1.4
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.