CVE-2023-37541

Опубликовано: 25 июн. 2024

Источник: nvd

CVSS3: 3.5

CVSS3: 4.3

EPSS Низкий

Описание

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119435
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114156
Broken Link

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:connections:7.0:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:-:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release1:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release2:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release3:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release4:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release5:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release6:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release7:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release8:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release9:*:*:*:*:*:*

EPSS

Процентиль: 46%

0.00235

Низкий

3.5 Low

CVSS3

4.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-jhhw-3vhx-mm3g

CVSS3: 3.5

github

больше 1 года назад

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.

EPSS

Процентиль: 46%

0.00235

Низкий

3.5 Low

CVSS3

4.3 Medium

CVSS3

Дефекты

NVD-CWE-noinfo