CVE-2026-1658
UI Misrepresentation in OpenText Directory Services Enables Cache Poisoning
Publication date: 2026-02-19
Last updated on: 2026-02-26
Assigner: OpenText
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opentext | directory_services | From 20.4.1 (inc) to 25.2 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-451 | The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a User Interface (UI) Misrepresentation of Critical Information in OpenText™ Directory Services that allows Cache Poisoning.
An attacker can exploit this issue to inject manipulated text into the OpenText application, which may mislead users by displaying false or altered information.
It affects Directory Services versions from 20.4.1 through 25.2.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing an attacker to inject misleading or manipulated text into the OpenText Directory Services user interface.
This misrepresentation of critical information could cause users to make incorrect decisions based on false data, potentially leading to security risks or operational issues.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know