Lucene search

HCLCVELIST:CVE-2024-30111

HistoryJun 28, 2024 - 6:39 a.m.

CVE-2024-30111 Missing Root Detection vulnerability affects DRYiCE AEX v10

2024-06-2806:39:36

CWE-1326

HCL

www.cve.org

dryice aex v10

missing root detection

hcl

mobile application

vulnerability

rooted device

unauthorized access

data breaches

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

HCL DRYiCE AEX product is impacted by Missing
Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted
device due to which malicious users can gain unauthorized access to the rooted
devices, compromising security and potentially leading to data breaches or
other malicious activities.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "DRYiCE AEX",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "10"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2024-30111