CVE-2025-13478

High CVSS: 8.4

Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).

Vendor

Product

CWE

CWE-522

Yayın Tarihi

2026-03-27 14:16:07

Güncelleme

2026-03-30 13:26:29

Source Identifier

security@opentext.com

KEV Date Added

Kategoriler

CWE-522 HIGH 2026

Referanslar

https://docs.microfocus.com/doc/2159/25.2/cvesecurityfix https://docs.microfocus.com/doc/2159/25.2/releasenotesidentitymanager4101patch01