CVE-2024-6360

CRITICAL

OpenText Vertica 10.X-24.X - Privilege Escalation

Title source: llm

Description

Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.

References (1)

[Vendor Advisory] https://portal.microfocus.com/s/article/KM000033373?language=en_US

Scores

CVSS v3 9.8

EPSS 0.0010

EPSS Percentile 26.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (3)

microfocus/vertica 10.0.0-0 - 12.0.4-30

opentext/vertica 24.3.0-0

opentext/vertica 24.1.0-0 - 24.1.0-8

Published Oct 02, 2024

Tracked Since Feb 18, 2026