cbcvebase.

Opentext Directory Services vulnerabilities

4 known vulnerabilities affecting opentext/directory_services.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2023-7249P3CRITICALCVSS 9.8≥ 16.4.2, < 24.12024-08-12
CVE-2023-7249 [CRITICAL] CWE-22 CVE-2023-7249: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Open Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1.
nvd
CVE-2025-15579P2CRITICALCVSS 9.5fixed in 24.4.16≥ 25.1, < 25.1.9+4 more2026-02-18
CVE-2025-15579 [CRITICAL] CWE-502 CVE-2025-15579: Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Inject Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or privilege escalation. This issue affects Directory Services: before 24.4.16, from 25.1 before 25.1.9, from 25.2 before 25.2.9, from 25.3 before 25.3.8, from 25.4 bef
nvd
CVE-2024-7650P3MEDIUMCVSS 6.3v23.42025-07-10
CVE-2024-7650 [MEDIUM] CWE-94 CVE-2024-7650: Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Servi Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The vulnerability could allow access to the system via script injection.This issue affects Directory Services: 23.4.
nvd
CVE-2026-1658MEDIUMCVSS 5.3≥ 20.4.1, ≤ 25.22026-02-19
CVE-2026-1658 [MEDIUM] CWE-451 Content spoofing vulnerability discovered in OpenText™ Directory Services Content spoofing vulnerability discovered in OpenText™ Directory Services User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20
cvelistv5