Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.
AnalysisAI
An observable response discrepancy vulnerability in OpenText Vertica's management console allows attackers to perform password brute-force attacks by analyzing differences in application responses. This affects Vertica versions 10.0 through 10.X, 11.0 through 11.X, and 12.0 through 12.X. The vulnerability requires network access and user interaction but enables attackers to systematically guess passwords against valid user accounts without account lockout protection differentiating failed attempts.
Technical ContextAI
This vulnerability is rooted in CWE-204 (Observable Response Discrepancy), where the Vertica management console application fails to implement consistent response patterns for authentication failures. The affected systems are identified via CPE strings covering OpenText Vertica versions across three major release branches (10.x, 11.x, 12.x). Rather than using cryptographic timing-safe comparisons or uniform response delays, the authentication mechanism leaks information through observable differences in HTTP response timing, status codes, or content that allows an attacker to distinguish between invalid credentials and valid usernames with invalid passwords. This is a classic information disclosure vulnerability that transforms a failed authentication into a reconnaissance tool for credential enumeration.
RemediationAI
Immediately upgrade to patched versions of Vertica as specified in the OpenText security advisory—contact OpenText support or consult their vulnerability bulletin for the exact patched version numbers for your release branch (10.X, 11.X, or 12.X). As interim mitigation before patching is possible, implement the following: (1) restrict network access to the Vertica management console to trusted IP ranges using firewall rules or VPN; (2) enforce account lockout policies after a small number of failed authentication attempts (e.g., 3-5 attempts within 15 minutes); (3) implement rate-limiting on authentication endpoints to slow brute-force attacks; (4) enable audit logging for all authentication failures and configure alerting on repeated failed login attempts; (5) require multi-factor authentication (MFA) if supported by your Vertica version to prevent credential-only compromise; (6) use strong, randomly-generated passwords and disable default accounts. Prioritize patching over relying on mitigations, as network controls can be circumvented and administrative access to databases is high-value.
The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7.0.2.12, 7.1.x before 7
The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows remote attackers to
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and
A Reflected Cross-Site Scripting (XSS) vulnerability exists in OpenText Vertica's management console application due to
This vulnerability is a Reflected Cross-Site Scripting (XSS) flaw in OpenText Vertica's management console that fails to
Same weakness CWE-204 – Observable Response Discrepancy
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-208643