CVE-2024-6360

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText Vertica could allow Privilege Abuse and result inunauthorized access or privileges to Vertica agent apikey.
This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
OpenTextCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
VendorProductVersion
microfocusvertica
10.0.0-0 ≤
𝑥
< 12.0.4-30
microfocusvertica
23.0.0-0 ≤
𝑥
< 23.3.0-11
microfocusvertica
23.4.0-0 ≤
𝑥
< 23.4.0-13
opentextvertica
24.1.0-0 ≤
𝑥
< 24.1.0-8
opentextvertica
24.2.0-0 ≤
𝑥
< 24.2.0-4
opentextvertica
24.3.0-0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://portal.microfocus.com/s/article/KM000033373?language=en_US