Lucene search

HCLCVELIST:CVE-2022-27563

HistoryAug 30, 2022 - 9:25 p.m.

CVE-2022-27563 Overload/denial of service affects HCL VersionVault Express

2022-08-3021:25:12

CWE-754

HCL

www.cve.org

cve-2022-27563

overload

denial of service

hcl versionvault express

unauthenticated user

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.4%

JSON

An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of service.

CNA Affected

[
  {
    "product": "HCL VersionVault Express",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "2.0.1, 2.1.0"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100274

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.4%

JSON

Related for CVELIST:CVE-2022-27563