3.5

CVE-2024-42208

Medienbericht

HCL Connections is vulnerable to an information disclosure vulnerability

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HcltechConnections Version7.0
HcltechConnections Version8.0 Updatecumulative_release1
HcltechConnections Version8.0 Updatecumulative_release2
HcltechConnections Version8.0 Updatecumulative_release3
HcltechConnections Version8.0 Updatecumulative_release4
HcltechConnections Version8.0 Updatecumulative_release5
HcltechConnections Version8.0 Updatecumulative_release6
HcltechConnections Version8.0 Updatecumulative_release7
HcltechConnections Version8.0 Updatecumulative_release8
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.163
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@hcl.com 3.5 2.1 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
VulnDex Intel
Media Report
09.08.2025 11:36
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120347
Vendor Advisory