Critical Vulnerabilities Patched in OpenText Enterprise Content Management System

The second critical flaw, CVE-2022-45927, impacts the Java Frontend of the OpenText Content Server component and can allow an attacker to bypass authentication. Sec Consult has also identified five types of vulnerabilities in the Content Server component that can be exploited by authenticated attackers. Several vulnerabilities described as having critical and high impact, including ones allowing unauthenticated remote code execution, have been found and patched in OpenText’s enterprise content management (ECM) product.