CVE-2025-2236
LOWOpenText Advanced Authentication <6.5 - Info Disclosure
Title source: llmDescription
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in OpenText Advanced Authentication allows Information Elicitation. The vulnerability could reveal sensitive information while managing and configuring of the external services. This issue affects Advanced Authentication versions before 6.5.
References (1)
Core 1
Core References
Various Sources
https://portal.microfocus.com/s/article/KM000039947
Scores
CVSS v4
2.1
EPSS
0.0016
EPSS Percentile
5.6%
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/S:P/AU:N/V:C/RE:M/U:Red
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-497
Status
published
Products (1)
OpenText/Advanced Authentication
< 6.5
Published
May 27, 2025
Tracked Since
Feb 18, 2026