Lucene search

HCLCVELIST:CVE-2022-27551

HistoryAug 01, 2022 - 12:00 a.m.

CVE-2022-27551 HCL Launch could allow an authenticated user to obtain sensitive information (CVE-2022-27551)

2022-08-0100:00:00

CWE-863

HCL

www.cve.org

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking.

CNA Affected

[
  {
    "product": "HCL Launch",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "< 6.2.7.16, 7-7.0.5.11, 7.1-7.1.2.7; 7.2-7.2.3.0"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099732

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.6%

JSON

Related for CVELIST:CVE-2022-27551