CVE-2024-10863: Client-side audit exclusion vulnerability

5.1 CVSS

Description

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.

End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

Classification

CVE ID: CVE-2024-10863

CVSS Base Severity: MEDIUM

CVSS Base Score: 5.1

Affected Products

Vendor: OpenText

Product: Secure Content Manager

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.44% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://portal.microfocus.com/s/article/KM000036389?

Timeline

2024-11-27 14:41:47 UTC
CVE

Client-side audit exclusion vulnerability