exploitDog

CVE-2024-30107

Опубликовано: 18 апр. 2024

Источник: nvd

CVSS3: 3.5

CVSS3: 6.5

EPSS Низкий

Описание

HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112489
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112489
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:hcltech:connections:7.0:*:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:-:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release1:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release2:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release3:*:*:*:*:*:*

cpe:2.3:a:hcltech:connections:8.0:cumulative_release4:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00263

Низкий

3.5 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-mx2h-33cr-3q5j

CVSS3: 3.5

github

почти 2 года назад

HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.

EPSS

Процентиль: 49%

0.00263

Низкий

3.5 Low

CVSS3

6.5 Medium

CVSS3

Дефекты

CWE-284