Expert found critical flaws in OpenText Enterprise Content Management System

The OpenText enterprise content management (ECM) system is affected by multiple vulnerabilities, including a critical RCE.

Armin Stock (Atos), researcher at cybersecurity firm Sec Consult, discovered multiple vulnerabilities in the OpenText enterprise content management (ECM) product.

OpenText Extended ECM is an enterprise CMS platform that manages the information lifecycle by integrating with leading enterprise applications, such as SAP, Microsoft 365, Salesforce and SAP SuccessFactors.

The list of vulnerabilities discovered by the experts includes:

• Deletion of arbitrary files (CVE-2022-45924);
• Privilege escalation due to logic error in cookie creation  (CVE-2022-45922);
• xmlExport multiple vulnerabilities (CVE-2022-45925);
• Evaluate webreports via notify.localizeEmailTemplate (CVE-2022-45926);
• Local File Inclusion allows Oscript execution (CVE-2022-45928);
• Pre-authenticated Remote Code Execution in cs.exe (CVE-2022-45923)
• Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint  (CVE-2022-45927)

The advisories for the high-severity vulnerabilities includes Proof-of-concept (PoC) code.

The expert reported the issues to OpenText in October 2022 which addressed it this month with the release of version 22.4.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ECM)

[adrotate banner=”5″]

[adrotate banner=”13″]