Malicious browser plugins may cause Authentication replay attack vulnerability to bypass authentication in OpenText Advanced Authentication

August 6, 2025 invoker category_cve

CVE Details

Basic Information

Title Malicious browser plugins may cause Authentication replay attack vulnerability to bypass authentication in OpenText Advanced Authentication
Type cve
Published 2025-08-06T14:10:25.819Z
Modified 2025-08-06T14:10:25.819Z

Product Information

Vendor OpenText
Product Advanced Authentication
Version 6.5.0

CVSS Information

Base Score 6.1 (MEDIUM)
Attack Vector CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products

  • OpenText Advanced Authentication 6.5.0

Additional Information

CWE List CWE-294
Source OpenText

Description

A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.