CVE-2024-10863

: Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4. End-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side.

CVSS

No CVSS.

References

Link	Resource
https://portal.microfocus.com/s/article/KM000036389?

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) :La vulnerabilidad de registro insuficiente en OpenText Secure Content Manager en Windows permite la manipulación del registro de auditoría. Este problema afecta a Secure Content Manager desde la versión 10.1 hasta la 24.4. Los usuarios finales pueden aprovechar la vulnerabilidad para evitar que se registren los registros de auditoría en el lado del cliente.

22 Nov 2024, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-22 16:15

Updated : 2026-04-15 00:35

NVD link : CVE-2024-10863

Mitre link : CVE-2024-10863

CVE.ORG link : CVE-2024-10863

JSON object : View

Products Affected

No product.

CWE

CWE-778

Insufficient Logging

{"id": "CVE-2024-10863", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "security@opentext.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2024-11-22T16:15:21.257", "references": [{"url": "https://portal.microfocus.com/s/article/KM000036389?", "source": "security@opentext.com"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "security@opentext.com", "description": [{"lang": "en", "value": "CWE-778"}]}], "descriptions": [{"lang": "en", "value": ": Insufficient Logging vulnerability in OpenText Secure Content Manager on Windows allows Audit Log Manipulation.This issue affects Secure Content Manager: from 10.1 before <24.4.\n\n\n\nEnd-users can potentially exploit the vulnerability to exclude audit trails from being recorded on the client side."}, {"lang": "es", "value": ":La vulnerabilidad de registro insuficiente en OpenText Secure Content Manager en Windows permite la manipulaci\u00f3n del registro de auditor\u00eda. Este problema afecta a Secure Content Manager desde la versi\u00f3n 10.1 hasta la 24.4. Los usuarios finales pueden aprovechar la vulnerabilidad para evitar que se registren los registros de auditor\u00eda en el lado del cliente."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "security@opentext.com"}