{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T14:22:27.462","vulnerabilities":[{"cve":{"id":"CVE-2024-12111","sourceIdentifier":"security@opentext.com","published":"2024-12-19T20:15:06.950","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In a specific scenario a LDAP user can abuse the authentication process using injection attack in OpenText Privileged Access Manager that allows authentication bypass. This issue affects Privileged Access Manager version 23.3(4.4); 24.3(4.5)"},{"lang":"es","value":"En un escenario específico, un usuario LDAP puede abusar del proceso de autenticación en OpenText Privileged Access Manager que permite omitir la autenticación. Este problema afecta a Privileged Access Manager versión 23.3(4.4); 24.3(4.5)"}],"metrics":{"cvssMetricV31":[{"source":"security@opentext.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":6.0}]},"weaknesses":[{"source":"security@opentext.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://www.netiq.com/documentation/privileged-access-manager-45/npam_45_releasenotes/data/npam_45_releasenotes.html","source":"security@opentext.com"},{"url":"https://www.netiq.com/documentation/privileged-account-manager-44/npam_44_releasenotes/data/npam_44_releasenotes.html","source":"security@opentext.com"}]}}]}