Lucene search

PRIOn knowledge basePRION:CVE-2023-28022

HistoryDec 15, 2023 - 11:15 p.m.

Information disclosure

2023-12-1523:15:00

PRIOn knowledge base

www.prio-n.com

hcl connections

information disclosure

vulnerability

sensitive information

improper handling

nvd

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

15.2%

JSON

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.

CPENameOperatorVersion
connectionseq6.5
connectionseq6.0
connectionseq8.0
connectionseq7.0

Name	Operator	Version
connections	eq	6.5
connections	eq	6.0
connections	eq	8.0
connections	eq	7.0

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108433

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.0005 Low

EPSS

Percentile

15.2%

JSON

Related for PRION:CVE-2023-28022