CVE-2025-8616
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-06
Last updated on: 2025-08-06
Assigner: OpenText
Description
Description
A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opentext | advanced_authentication | 6.5.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-294 | A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes). |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a weakness in OpenText Advanced Authentication (version 6.5.0 or earlier) where a malicious browser plugin can record and replay the user authentication process. This allows an attacker to bypass the authentication mechanism by reusing the recorded authentication data.
How can this vulnerability impact me? :
The vulnerability can allow an attacker to bypass authentication controls, potentially gaining unauthorized access to systems or data protected by OpenText Advanced Authentication. This could lead to unauthorized actions or data breaches.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70