nvd-json-data-feeds/CVE-2025/CVE-2025-08xx/CVE-2025-0883.json

{
  "id": "CVE-2025-0883",
  "sourceIdentifier": "security@opentext.com",
  "published": "2025-03-12T16:15:20.353",
  "lastModified": "2025-03-12T16:15:20.353",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Neutralization of Script in an Error Message Web Page vulnerability in OpenText\u2122 Service Manager.\u00a0\n\nThe vulnerability could reveal sensitive information retained by the browser.\n\nThis issue affects Service Manager: 9.70, 9.71, 9.72, 9.80."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de neutralizaci\u00f3n incorrecta de scripts en una p\u00e1gina web de mensajes de error en OpenText\u2122 Service Manager. Esta vulnerabilidad podr\u00eda revelar informaci\u00f3n confidencial retenida por el navegador. Este problema afecta a Service Manager: 9.70, 9.71, 9.72 y 9.80."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "security@opentext.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:N/R:A/V:C/RE:M/U:Green",
          "baseScore": 2.1,
          "baseSeverity": "LOW",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "attackRequirements": "PRESENT",
          "privilegesRequired": "LOW",
          "userInteraction": "PASSIVE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "NOT_DEFINED",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "PRESENT",
          "Automatable": "NO",
          "Recovery": "AUTOMATIC",
          "valueDensity": "CONCENTRATED",
          "vulnerabilityResponseEffort": "MODERATE",
          "providerUrgency": "GREEN"
        }
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@opentext.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-81"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://portal.microfocus.com/s/article/KM000037099?language=en_US",
      "source": "security@opentext.com"
    }
  ]
}