EUVD-2025-208643 | CVE-2025-12455
Severity: MEDIUM (5.1, CVSS 4.0)
Published: 2026-03-13
Vendor: OpenText

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/S:N/AU:Y/R:U
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Active (A)
Scope: N

Lifecycle Timeline

Analysis Generated: Mar 13, 2026 - 19:00 (vuln.today)
EUVD ID Assigned: Mar 13, 2026 - 19:00 (euvd), EUVD-2025-208643
CVE Published: Mar 13, 2026 - 18:30 (nvd), MEDIUM 5.1

Description

Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.

Analysis

An observable response discrepancy vulnerability in OpenText Vertica's management console allows attackers to perform password brute-force attacks by analyzing differences in the application's responses. This affects Vertica versions 10.0 through 10.X, 11.0 through 11.X, and 12.0 through 12.X. Exploitation requires network access and user interaction, but it lets an attacker systematically guess passwords against valid user accounts, since the responses to failed attempts differ and no account lockout protection stops the attempts.

Technical Context

This vulnerability is rooted in CWE-204 (Observable Response Discrepancy): the Vertica management console application does not return consistent responses for authentication failures. The affected systems are identified via CPE strings covering OpenText Vertica versions across three major release branches (10.x, 11.x, 12.x). Rather than using constant-time comparisons or uniform responses and delays, the authentication mechanism leaks information through observable differences in HTTP response timing, status codes, or content, which lets an attacker distinguish an invalid username from a valid username with an invalid password. This is a classic information disclosure weakness: a failed authentication becomes a reconnaissance tool for credential enumeration, and each confirmed username narrows the subsequent password-guessing effort.
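As an added illustration (not Vertica's code and not from the advisory), the following Python sketch contrasts an authentication check with exactly the discrepancy CWE-204 describes against a uniform-response version; the user store, salt and password are constructed, and the self-check function is a defender's regression test for the difference.

```python
# Added example (constructed; not Vertica's code): CWE-204 in a login check
# and the uniform-response fix that removes the username oracle.
import hashlib
import hmac
import secrets


def _pbkdf2(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: one account with a salted PBKDF2 hash.
_SALT = b"constructed-salt-16b"
USERS = {"admin": (_SALT, _pbkdf2("correct horse", _SALT))}

# Dummy credential derived from a random secret so that an unknown username
# costs the same hashing work as a known one and can never match.
_DUMMY = (_SALT, _pbkdf2(secrets.token_hex(16), _SALT))


def login_discrepant(username: str, password: str) -> tuple[int, str]:
    """Vulnerable: distinct status codes and bodies reveal whether the
    username exists, and an unknown user skips the slow hash (timing leak)."""
    rec = USERS.get(username)
    if rec is None:
        return 404, "unknown user"
    salt, stored = rec
    if _pbkdf2(password, salt) != stored:  # plain != is not constant-time either
        return 401, "wrong password"
    return 200, "ok"


def login_uniform(username: str, password: str) -> tuple[int, str]:
    """Hardened: same status, same body and the same hashing work on every
    failure path; the digest comparison uses hmac.compare_digest."""
    salt, stored = USERS.get(username, _DUMMY)
    ok = hmac.compare_digest(_pbkdf2(password, salt), stored)
    return (200, "ok") if ok else (401, "invalid username or password")


def responses_differ(handler, known_user: str, unknown_user: str,
                     bad_pw: str = "nope") -> bool:
    """Defender's self-check: does the handler answer differently for a valid
    user with a wrong password than for a nonexistent user?"""
    return handler(known_user, bad_pw) != handler(unknown_user, bad_pw)
```

Response timing is not asserted here because it is environment dependent; the dummy-hash path is what keeps the two failure cases close in wall-clock time.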

Affected Products

OpenText Vertica versions 10.0 through the latest 10.X release, versions 11.0 through the latest 11.X release, and versions 12.0 through the latest 12.X release are affected, identified via CPE cpe:2.3:a:opentext:vertica. The vulnerability specifically impacts the Vertica management console application used for administrative authentication and control. Organizations running any of these three major version branches should assume their deployments are affected until vendor patches are applied. Refer to OpenText security advisories and the official Vertica vulnerability bulletin for confirmed patched versions and workaround guidance.

Remediation

Immediately upgrade to the patched versions of Vertica specified in the OpenText security advisory; contact OpenText support or consult their vulnerability bulletin for the exact patched version numbers for your release branch (10.X, 11.X, or 12.X). As interim mitigation until patching is possible, implement the following:

1. Restrict network access to the Vertica management console to trusted IP ranges using firewall rules or a VPN.
2. Enforce account lockout policies after a small number of failed authentication attempts (e.g., 3-5 attempts within 15 minutes).
3. Implement rate-limiting on authentication endpoints to slow brute-force attacks.
4. Enable audit logging for all authentication failures and configure alerting on repeated failed login attempts.
5. Require multi-factor authentication (MFA), if supported by your Vertica version, so that a guessed password alone is not enough for compromise.
6. Use strong, randomly generated passwords and disable default accounts.

Prioritize patching over relying on these mitigations: network controls can be circumvented, and administrative access to databases is high-value.

Priority Score

Score: 26 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.0
CVSS: +26
POC: 0


EUVD-2025-208643 vulnerability details – vuln.today
