CVE-2025-12455
Received Received - Intake
Observable Response Discrepancy Enables Password Brute Force in Vertica

Publication date: 2026-03-13

Last updated on: 2026-04-17

Assigner: OpenText

Description
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.   The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-13
Last Modified
2026-04-17
Generated
2026-06-16
AI Q&A
2026-03-13
EPSS Evaluated
2026-06-14
NVD
CVE-2025-12455
EUVD
EUVD-2025-208643
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
opentext vertica From 10.0.0-0 (inc) to 12.0.4-34 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an observable response discrepancy issue in OpenText™ Vertica that allows an attacker to perform password brute forcing. It affects the Vertica management console application in versions from 10.0 through 12.X.

Impact Analysis

The vulnerability could allow an attacker to repeatedly attempt to guess passwords on the Vertica management console, potentially leading to unauthorized access if successful.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-12455. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart