CVE-2025-12455
Received
Received - Intake
Observable Response Discrepancy Enables Password Brute Force in Vertica
Publication date: 2026-03-13
Last updated on: 2026-04-17
Assigner: OpenText
Description
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.
The vulnerability could lead to Password Brute Forcing in the Vertica management console application. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| opentext | vertica | From 10.0.0-0 (inc) to 12.0.4-34 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-204 | The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an observable response discrepancy issue in OpenText™ Vertica that allows an attacker to perform password brute forcing. It affects the Vertica management console application in versions from 10.0 through 12.X.
How can this vulnerability impact me?
The vulnerability could allow an attacker to repeatedly attempt to guess passwords on the Vertica management console, potentially leading to unauthorized access if successful.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
I don't know
What immediate steps should I take to mitigate this vulnerability?
I don't know