cbcvebase.
CVE-2022-45922
published 2023-01-18

CVE-2022-45922: An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even…

PriorityP355high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.60%
72.8th percentile
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The request handler for ll.KeepAliveSession sets a valid AdminPwd cookie even when the Web Admin password was not entered. This allows access to endpoints, which require a valid AdminPwd cookie, without knowing the password.

Affected

1 ranges
VendorProductVersion rangeFixed in
opentextopentext_extended_ecm21.1 – 22.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.