CVE-2023-23347

Опубликовано: 09 авг. 2023

Источник: nvd

CVSS3: 6.4

CVSS3: 7.1

EPSS Низкий

Описание

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106674
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106674
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:dryice_iautomate:6.0:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:dryice_iautomate:6.1:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:dryice_iautomate:6.2:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00035

Низкий

6.4 Medium

CVSS3

7.1 High

CVSS3

Дефекты

CWE-327

Связанные уязвимости

GHSA-ph2h-6cc9-xf5r

CVSS3: 6.4

github

больше 2 лет назад

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.

EPSS

Процентиль: 10%

0.00035

Низкий

6.4 Medium

CVSS3

7.1 High

CVSS3

Дефекты

CWE-327