CVE-2024-23557

HCL Connections contains a user enumeration vulnerability. Certain actions could allow an attacker to determine if the user is valid or not, leading to a possible brute force attack.

CVSS v3 3.5 LOW

3.5^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112488

Configurations

No configuration.

History

19 Apr 2024, 13:10

Type	Values Removed	Values Added
Summary		(es) HCL Connections contiene una vulnerabilidad de enumeración de usuarios. Ciertas acciones podrían permitir a un atacante determinar si el usuario es válido o no, lo que daría lugar a un posible ataque de fuerza bruta.

18 Apr 2024, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-18 19:15

Updated : 2024-04-19 13:10

NVD link : CVE-2024-23557

Mitre link : CVE-2024-23557

CVE.ORG link : CVE-2024-23557

JSON object : View

Products Affected

No product.

CWE

No CWE.

3.5 /10