CVE-2024-30125

HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.4 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886

Configurations

No configuration.

History

21 Nov 2024, 09:11

Type	Values Removed	Values Added
References	~~() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886 -~~	() https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886 -

12 Nov 2024, 21:35

Type	Values Removed	Values Added
CWE		CWE-918

19 Jul 2024, 13:01

Type	Values Removed	Values Added
Summary		(es) El servidor HCL BigFix Compliance puede responder con un estado HTTP de 500, lo que indica un error del lado del servidor que puede provocar la interrupción del proceso del servidor.

18 Jul 2024, 20:15

Type	Values Removed	Values Added
Summary	~~(en) The server responded with an HTTP status of 500, indicating a server-side error that may cause the server process to die.~~	(en) HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.

18 Jul 2024, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-07-18 18:15

Updated : 2024-11-21 09:11

NVD link : CVE-2024-30125

Mitre link : CVE-2024-30125

CVE.ORG link : CVE-2024-30125

JSON object : View

Products Affected

No product.

CWE

CWE-918

Server-Side Request Forgery (SSRF)

6.2 /10