CVE-2023-6123

HIGH

OpenText ALM Octane >=16.2.100 - RCE

Title source: llm

Description

Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The vulnerability could result in a remote code execution attack.

References (1)

[Vendor Advisory] https://portal.microfocus.com/s/article/KM000026128?language=en_US

Scores

CVSS v3 7.5

EPSS 0.0051

EPSS Percentile 66.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-79 CWE-707

Status published

Products (1)

opentext/alm_octane 16.2.100

Published Feb 15, 2024

Tracked Since Feb 18, 2026