CVE-2025-15579

Deserialization of Untrusted Data vulnerability in OpenTextâ„¢ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or
privilege escalation.

This issue affects Directory Services: from 10.5 through 26.1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Common Weakness Enumeration
References
https://support.opentext.com/csm?id=ot_kb_unauthenticated&sysparm_article=KB0859600&sys_kb_id=f82c01214707b6144549b6bd416d43b7&spa=1