CVE-2024-30110

{"id": "CVE-2024-30110", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}]}, "published": "2024-06-28T07:15:05.077", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193", "source": "psirt@hcl.com"}, {"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways."}, {"lang": "es", "value": "El producto HCL DRYiCE AEX se ve afectado por una vulnerabilidad de falta de validaci\u00f3n de entrada en una aplicaci\u00f3n web en particular. Se puede inyectar un script malicioso en un sistema que puede hacer que el sistema se comporte de maneras inesperadas."}], "lastModified": "2024-11-21T09:11:17.260", "sourceIdentifier": "psirt@hcl.com"}