Lucene search

[email protected]CVE-2022-38661

HistoryDec 12, 2022 - 1:15 p.m.

CVE-2022-38661

2022-12-1213:15:14

[email protected]

web.nvd.nist.gov

hcl workload automation

system crash

local user

cve-2022-38661

nvd

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash.

Affected configurations

NVD

Node

hcltechswhcl_workload_automationRange≤9.4.0.7

hcltechswhcl_workload_automationRange9.5.0.0–9.5.0.5

CPENameOperatorVersion
hcltechsw:hcl_workload_automationhcltechsw hcl workload automationle9.4.0.7
hcltechsw:hcl_workload_automationhcltechsw hcl workload automationle9.5.0.5

CPE	Name	Operator	Version
hcltechsw:hcl_workload_automation	hcltechsw hcl workload automation	le	9.4.0.7
hcltechsw:hcl_workload_automation	hcltechsw hcl workload automation	le	9.5.0.5

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HCL Workload Automation",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "< 9.4.0.7, < 9.5.0.5"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100939

7.1 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-38661

cvelist1 nvd1 prion1