CVE-2025-12454

EUVD-2025-208642 | Severity: MEDIUM | Base score 5.1 (CVSS 4.0)
Published 2026-03-13 | Vendor: OpenText

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y/R:U

Attack Vector: Network (AV:N)
Attack Complexity: Low (AC:L)
Privileges Required: None (PR:N)
User Interaction: Active (UI:A); the victim must take a deliberate action, such as opening a crafted link

Lifecycle Timeline

Analysis Generated: Mar 13, 2026 - 19:00 (vuln.today)
EUVD ID Assigned: Mar 13, 2026 - 19:00 (euvd), EUVD-2025-208642
CVE Published: Mar 13, 2026 - 18:30 (nvd), rated MEDIUM 5.1

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to a reflected cross-site scripting attack in the Vertica Management Console application. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X.

Analysis

This vulnerability is a reflected cross-site scripting (XSS) flaw in the OpenText Vertica Management Console, which fails to properly neutralize user input during web page generation. The issue affects Vertica versions 10.0 through 25.1.x across six major version branches. An attacker who can get a console user to open a crafted link or submit a crafted form can run attacker-chosen script in that user's browser, in the context of the console's origin, which is what makes a "low" confidentiality impact worth taking seriously for an administrative interface. With a CVSS score of 5.1 (medium severity), a network attack vector, no privileges required and only active user interaction needed, this vulnerability poses a moderate but readily exploitable risk to Vertica deployments, particularly those that expose the Management Console to untrusted networks.

Technical Context

The vulnerability stems from improper input validation and output encoding in the Vertica Management Console web application and is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation). The root cause is the console accepting user-supplied input (likely via URL parameters or form fields) and reflecting it back in the HTTP response without context-aware output encoding: HTML entity encoding for element content, and quoting plus escaping for attribute values. This lets an attacker break out of the intended data context and inject arbitrary JavaScript that executes in the session of whichever console user opens the crafted request. The CVSS 4.0 vector (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/AU:Y/R:U) reads as follows: the flaw is reachable over the network (AV:N), needs no special conditions (AC:L, AT:N) and no privileges on the console (PR:N), but does require an active user action such as clicking a link (UI:A). Impact is rated as low confidentiality loss on the vulnerable system (VC:L) and low confidentiality loss on the subsequent system (SC:L), which for XSS is typically the user's browser session, with no integrity or availability impact on either (VI:N, VA:N, SI:N, SA:N). CVSS 4.0 has no Scope metric; the vulnerable/subsequent split replaces it. The supplemental metrics mark the issue as automatable (AU:Y), meaning the attack could be scripted across targets, and put recovery in the user's hands (R:U).
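A minimal illustration of the flaw and its fix, added here as an example and not taken from the Vertica code base: a hypothetical page handler that echoes a `msg` query parameter (the parameter name, the page layout and the probe payloads are all assumptions for the example). The vulnerable version reflects the value verbatim into both element content and an attribute value; the fixed version applies HTML entity encoding with quoting, which covers both of those contexts. The `reflected_unencoded` check is the test a pentester or a regression suite would run against such an endpoint.

```python
import html
from urllib.parse import parse_qs, quote

# Example code, not Vertica's. "msg" is a hypothetical reflected parameter.


def _param(query_string: str, name: str = "msg") -> str:
    """Extract one query parameter; parse_qs percent-decodes the value."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(query_string: str) -> str:
    """CWE-79 'before' state: the raw parameter is interpolated into HTML
    element content and into an attribute value without any encoding."""
    msg = _param(query_string)
    return (
        "<html><body>"
        f"<p>Status: {msg}</p>"
        f'<input type="text" value="{msg}">'
        "</body></html>"
    )


def render_fixed(query_string: str) -> str:
    """Hardened version: html.escape(quote=True) turns < > & \" ' into entities,
    so the value can no longer close the <p> element or the value="..." attribute."""
    msg = html.escape(_param(query_string), quote=True)
    return (
        "<html><body>"
        f"<p>Status: {msg}</p>"
        f'<input type="text" value="{msg}">'
        "</body></html>"
    )


# Constructed probe payloads: one for element content, one for attribute breakout.
PAYLOADS = [
    "<script>alert(document.cookie)</script>",
    '"><img src=x onerror=alert(1)>',
]


def reflected_unencoded(render, payload: str) -> bool:
    """Build the request the way a crafted link would, render the page, and
    report whether the payload survives verbatim in the response body."""
    page = render("msg=" + quote(payload, safe=""))
    return payload in page


def summarize(render) -> dict:
    """Map each probe payload to whether the given handler reflects it unencoded."""
    return {p: reflected_unencoded(render, p) for p in PAYLOADS}


if __name__ == "__main__":
    for name, handler in (("vulnerable", render_vulnerable), ("fixed", render_fixed)):
        for payload, hit in summarize(handler).items():
            print(f"{name:10s} {'REFLECTED' if hit else 'neutralized'}: {payload}")
```

`html.escape` is the right encoder only for HTML element content and quoted attribute values; a value that lands in a URL, a JavaScript string or a CSS block needs the encoder for that context, which is why an auto-escaping template engine is preferable to hand-placed escape calls.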

Affected Products

The OpenText Vertica Management Console is vulnerable across multiple major and minor version branches: versions 10.0 through 10.X, 11.0 through 11.X, 12.0 through 12.X, 23.0 through 23.X, 24.0 through 24.X, and 25.1.0 through 25.1.X. The vulnerability has been officially documented by OpenText (Vertica is now an OpenText product line) and should be matched against the CPE identifier cpe:2.3:a:opentext:vertica for inventory purposes; note that the affected component is the Management Console, so a database node without the console installed is not exposed by this issue. Organizations running any of these versions with the Management Console reachable over the network are potentially affected. Consult the OpenText security advisory at https://security.opentext.com for official confirmation and patch availability details.

Remediation

The primary remediation is to upgrade OpenText Vertica to the patched version released by OpenText; the fixed version numbers are not stated here and should be confirmed via the official OpenText security advisory. Until the patch is applied, the interim controls are the usual ones for a reflected XSS in an administrative console. Restrict network access to the Management Console to trusted IP ranges (ideally a management network or VPN), so that a crafted link cannot reach the reflecting endpoint even when a victim clicks it. Put a Web Application Firewall or reverse proxy in front of the console with rules that block reflected XSS payloads in query and form parameters, and make sure the rule engine normalizes URL encoding, including double encoding, before matching. If that proxy can add response headers, set a Content-Security-Policy that disallows inline script, which blunts the injected payload even when the reflection still occurs; test the policy against the console's own pages first, since a policy that blocks inline script may break legitimate console functionality. Enforcing HTTPS with HSTS is good hygiene but does not stop reflected XSS, because the malicious script travels inside the legitimate TLS session; it only prevents a network attacker from injecting the payload into an unencrypted page. Where possible, keep the console off untrusted networks entirely, and brief administrators that links to the console arriving by e-mail or chat are the delivery vector for this class of bug. Refer to the OpenText Vertica security advisory and release notes for the exact patched version numbers and deployment instructions.
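A detection-side example, added here and not part of the advisory: a small scanner that parses constructed access-log lines (the `/webui/...` paths, addresses and timestamps are invented for the example and are not real Management Console endpoints or real Vertica logs), URL-decodes each query-parameter value, including double-encoded values, and flags the reflected-XSS indicators a WAF rule or SIEM search for this CVE would look for. The same decode-then-match logic is what the WAF normalization caveat above is about.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample log lines in NCSA common format. The /webui/... paths,
# addresses and timestamps are invented for this example; they are not real
# Vertica Management Console endpoints or real logs.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Mar/2026:19:02:11 +0000] "GET /webui/dashboard?view=summary HTTP/1.1" 200 5120
198.51.100.7 - - [13/Mar/2026:19:02:40 +0000] "GET /webui/search?q=%3Cscript%3Ealert(document.cookie)%3C/script%3E HTTP/1.1" 200 2048
198.51.100.7 - - [13/Mar/2026:19:03:02 +0000] "GET /webui/search?q=%2522%253E%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 2048
10.0.0.9 - - [13/Mar/2026:19:04:15 +0000] "GET /webui/search?q=select+version HTTP/1.1" 200 1900
"""

# ip ident user [timestamp] "METHOD target PROTOCOL" status ...
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Coarse reflected-XSS indicators, checked in order; the first match is reported.
INDICATORS = [
    ("script_tag", re.compile(r"<\s*/?\s*script\b", re.I)),
    ("event_handler", re.compile(r"\bon[a-z]+\s*=", re.I)),
    ("javascript_uri", re.compile(r"javascript\s*:", re.I)),
    ("tag_breakout", re.compile(r"""["']\s*>\s*<[a-z]""", re.I)),
]


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Repeatedly percent-decode until the value stops changing, so a
    double-encoded payload (%253C -> %3C -> <) cannot slip past the patterns."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_log(text: str) -> list:
    """Return one hit per request whose query string carries an XSS indicator."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than crash
        parts = urlsplit(m.group("target"))
        # parse_qsl decodes one layer of percent-encoding; fully_decode does the rest.
        for name, raw in parse_qsl(parts.query, keep_blank_values=True):
            value = fully_decode(raw)
            for label, pattern in INDICATORS:
                if pattern.search(value):
                    hits.append({
                        "ip": m.group("ip"),
                        "ts": m.group("ts"),
                        "path": parts.path,
                        "param": name,
                        "indicator": label,
                        "decoded_value": value,
                    })
                    break
    return hits


if __name__ == "__main__":
    for h in scan_log(SAMPLE_LOG):
        print(f"{h['ts']} {h['ip']} {h['path']} param={h['param']} "
              f"indicator={h['indicator']} value={h['decoded_value']!r}")
```

The indicator list is deliberately coarse: `\bon[a-z]+\s*=` will also fire on harmless values such as a parameter set to "online=1", so tune the patterns against the console's real traffic before turning hits into blocking WAF rules or paging alerts. The benign `select+version` line shows the kind of value that must not trigger.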

Priority Score

26 (vuln.today scale: Low / Medium / High / Critical)
Contributing factors: KEV 0, EPSS +0.0, CVSS +26, POC 0; the score comes entirely from the CVSS component, with no KEV, EPSS or public proof-of-concept contribution recorded.


CVE-2025-12454 vulnerability details – vuln.today
