Lucene search
HCLCVELIST:CVE-2023-28018HistoryFeb 12, 2024 - 10:46 p.m.
CVE-2023-28018 HCL Connections s vulnerable to possible denial of service for certain users
2024-02-1222:46:34
HCL
www.cve.org
hcl connections
denial of service
vulnerability
improper validation
specially-crafted request
affected users
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
HCL Connections is vulnerable to a denial of service, caused by improper validation on certain requests. Using a specially-crafted request an attacker could exploit this vulnerability to cause denial of service for affected users.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "HCL Connections",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "6.5, 7.0, 8.0"
}
]
}
]Related
cve
cve
CVE-2023-28018
2024-02-12 23:15:08
nvd
nvd
CVE-2023-28018
2024-02-12 23:15:08
prion
prion
Input validation
2024-02-12 23:15:00
5.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2023-28018