CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-0884: Privilege Escalation vulnerability has been discovered in OpenText™ Service Manager.

7.3 CVSS

Description

Unquoted Search Path or Element vulnerability in OpenText™ Service Manager. 

The vulnerability could allow a user to gain SYSTEM privileges through Privilege Escalation.

This issue affects Service Manager: 9.70, 9.71, 9.72.

Classification

CVE ID: CVE-2025-0884

CVSS Base Severity: HIGH

CVSS Base Score: 7.3

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/S:P/AU:N/R:A/V:C/RE:M/U:Green

Problem Types

CWE-428 Unquoted Search Path or Element

Affected Products

Vendor: OpenText™

Product: Service Manager

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.96% (scored less or equal to compared to others)

EPSS Date: 2025-04-10 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0884
https://portal.microfocus.com/s/article/KM000036731?language=en_US

Timeline