Opentext Directory Services vulnerabilities
4 known vulnerabilities affecting opentext/directory_services.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2023-7249P3CRITICALCVSS 9.8≥ 16.4.2, < 24.12024-08-12
CVE-2023-7249 [CRITICAL] CWE-22 CVE-2023-7249: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Open
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.
nvd
CVE-2025-15579P2CRITICALCVSS 9.5fixed in 24.4.16≥ 25.1, < 25.1.9+4 more2026-02-18
CVE-2025-15579 [CRITICAL] CWE-502 CVE-2025-15579: Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Inject
Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection.
The vulnerability could lead to remote code execution, denial of service, or privilege escalation.
This issue affects Directory Services: before 24.4.16, from 25.1 before 25.1.9, from 25.2 before 25.2.9, from 25.3 before 25.3.8, from 25.4 bef
nvd
CVE-2024-7650P3MEDIUMCVSS 6.3v23.42025-07-10
CVE-2024-7650 [MEDIUM] CWE-94 CVE-2024-7650: Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Servi
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The
vulnerability could allow access to the system via script injection.This issue affects Directory Services: 23.4.
nvd
CVE-2026-1658MEDIUMCVSS 5.3≥ 20.4.1, ≤ 25.22026-02-19
CVE-2026-1658 [MEDIUM] CWE-451 Content spoofing vulnerability discovered in OpenText™ Directory Services
Content spoofing vulnerability discovered in OpenText™ Directory Services
User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning.
The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users.
This issue affects Directory Services: from 20
cvelistv5