CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
CVE-2025-3272: Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.
6.7
CVSS
Description
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.
The vulnerability could allow authenticated users to change their password without providing their old password.
This issue affects Operations Bridge Manager: 24.2, 24.4.
Classification
CVE ID: CVE-2025-3272
CVSS Base Severity: MEDIUM
CVSS Base Score: 6.7
CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:L/U:Green
Problem Types
CWE-863 Incorrect AuthorizationAffected Products
Vendor: OpenText™
Product: Operations Bridge Manager
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.02% (probability of being exploited)
EPSS Percentile: 3.05% (scored less or equal to compared to others)
EPSS Date: 2025-06-05 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-3272https://portal.microfocus.com/s/article/KM000040405