CVE-2023-6400

HIGH

OpenText ZENworks <23.4 - Info Disclosure

Title source: llm

Description

Incorrect Authorization vulnerability in OpenText™ ZENworks Configuration Management (ZCM) allows Unauthorized Use of Device Resources.This issue affects ZENworks Configuration Management (ZCM) versions: 2020 update 3, 23.3, and 23.4.

References (1)

Core 1

Core References

Various Sources

https://portal.microfocus.com/s/article/KM000027630?language=en_US

Scores

CVSS v3 7.4

EPSS 0.0023

EPSS Percentile 13.5%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-863

Status published

Products (3)

OpenText™/ZENworks Configuration Management (ZCM) 2020 update 3

OpenText™/ZENworks Configuration Management (ZCM) 23.3

OpenText™/ZENworks Configuration Management (ZCM) 23.4

Published Mar 27, 2024

Tracked Since Feb 18, 2026