CVE-2025-8616

MEDIUM

OpenText Advanced Authentication <6.5.0 - Auth Bypass

Title source: llm

Description

A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0.

References (1)

Core 1

Core References

Various Sources

https://staging.docs.microfocus.com/doc/42/main/advancedauthentication6504

Scores

CVSS v4 6.1

EPSS 0.0038

EPSS Percentile 29.3%

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-294

Status published

Products (1)

OpenText/Advanced Authentication 6.5.0 - = <

Published Aug 06, 2025

Tracked Since Feb 18, 2026