CVE-2024-3487

LOW

Microfocus Imanager < 3.2.6 - Authentication Bypass

Title source: rule

Description

Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication.

References (1)

Scores

CVSS v3 3.5
EPSS 0.0009
EPSS Percentile 25.1%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

Classification

CWE
CWE-287
Status published

Affected Products (5)

microfocus/imanager < 3.2.6
microfocus/imanager
microfocus/imanager
microfocus/imanager
microfocus/imanager

Timeline

Published May 15, 2024
Tracked Since Feb 18, 2026