CVE-2025-2236

Published May 27, 2025

Last updated 2 months ago

CVSS low 2.1

Overview

Description
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive information while managing and configuring of the external services. This issue affects Advanced Authentication versions before 6.5.
Source
security@opentext.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
2.1
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:X/V:C/RE:M/U:Red
Severity
LOW

Weaknesses

security@opentext.com
CWE-497

Social media

Hype score
Not currently trending

  1. CVE-2025-2236 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnera… https://t.co/W0PV9B4qtC

    @CVEnew

    27 May 2025

    374 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.