Vulnerability Description: Improper Input Validation – CWE-20
Software Version: 10.x, 11.1.1-24 or lower, 12.0.4-18 or lower
NIST: https://nvd.nist.gov/vuln/detail/CVE-2023-7248
CVSv3: 9.8
Severity: Critical
Credits: Gabriele Duchi, Davide Brian Di Campi, Tiziano Di Vincenzo, Massimiliano Brolli
Certain functionality in OpenText Vertica Management console might be prone to bypass via crafted requests. The vulnerability would affect one of Vertica’s authentication functionalities by allowing specially crafted requests and sequences.