OpenSIAC Incorrect Authentication Vulnerability Allowing Impersonation via Cl@ve
Vulnerability
A vulnerability allowing incorrect authentication has been identified in OpenSIAC version 1.0, part of the GTT group digital government platform. This issue could enable an attacker to impersonate a user authenticated through Cl@ve. The vulnerability does not affect users relying on other identification methods, such as VALIDe or digital certificates.
Impact
Exploitation of this vulnerability could lead to unauthorized impersonation of users, potentially allowing attackers to access services or perform actions on behalf of the impersonated individuals.
Remediation
The vulnerability has been fixed in OpenSIAC version 1.2.
