CVE-2024-6360

EUVD-2024-47468
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey.
This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
microfocusvertica
10.0.0-0 ≤
𝑥
< 12.0.4-30
microfocusvertica
23.0.0-0 ≤
𝑥
< 23.3.0-11
microfocusvertica
23.4.0-0 ≤
𝑥
< 23.4.0-13
opentextvertica
24.1.0-0 ≤
𝑥
< 24.1.0-8
opentextvertica
24.2.0-0 ≤
𝑥
< 24.2.0-4
opentextvertica
24.3.0-0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portal.microfocus.com/s/article/KM000033373?language=en_US