Lucene search
HistoryOct 31, 2022 - 10:15 p.m.
CVE-2021-27784
hcl launch container
https certificates
database encryption key
non-unique keys
fix
tools
standard installer packages
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
40.3%
The provided HCL Launch Container images contain non-unique HTTPS certificates and a database encryption key. The fix provides directions and tools to replace the non-unique keys and certificates. This does not affect the standard installer packages.
Affected configurations
Node
hcltechhcl_launch_container_imageRange7.0.0.0–7.0.52
ORhcltechhcl_launch_container_imageRange7.1.0.0–7.1.0.1
ORhcltechhcl_launch_container_imageRange7.2.0.0–7.2.3.0
ORhcltechhcl_launch_container_imageMatch7.1.0.1-
ORhcltechhcl_launch_container_imageMatch7.1.0.1ifix01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hcltech | hcl_launch_container_image | * | cpe:2.3:a:hcltech:hcl_launch_container_image:*:*:*:*:*:*:*:* |
| hcltech | hcl_launch_container_image | 7.1.0.1 | cpe:2.3:a:hcltech:hcl_launch_container_image:7.1.0.1:-:*:*:*:*:*:* |
| hcltech | hcl_launch_container_image | 7.1.0.1 | cpe:2.3:a:hcltech:hcl_launch_container_image:7.1.0.1:ifix01:*:*:*:*:*:* |
Related
cvelist
cvelist
prion
prion
Design/Logic Flaw
2022-10-31 22:15:00
cve
cve
CVE-2021-27784
2022-10-31 22:15:12
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS
0.001
Percentile
40.3%
Related for NVD:CVE-2021-27784