Lucene search
K

6 matches found

NVD
NVD
added 2024/05/14 1:20 p.m.17 views

CVE-2023-37526

HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...

6.5CVSS6.4AI score0.00434EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.7 views

HCL DRYiCE Lucy 安全漏洞

HCL Technologies HCL DRYiCE Lucy is an AI-powered virtual assistant from HCL Technologies, USA. A security vulnerability exists in HCL DRYiCE Lucy that stems from vulnerability to CORS misconfiguration...

6.5CVSS6.8AI score0.00434EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/10 5:16 p.m.20 views

CVE-2023-37526 HCL DRYiCE Lucy v9 (now AEX) is affected by a Cross Origin Resource Sharing (CORS) Vulnerability

HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...

6.5CVSS6.6AI score0.00434EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/10 5:16 p.m.13 views

CVE-2023-37526 HCL DRYiCE Lucy v9 (now AEX) is affected by a Cross Origin Resource Sharing (CORS) Vulnerability

HCL DRYiCE Lucy now AEX is affected by a Cross Origin Resource Sharing CORS vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning attacks...

6.5CVSS6.8AI score0.00434EPSS
Exploits0References1
CVE
CVE
added 2024/05/10 5:16 p.m.29 views

CVE-2023-37526

The CVE-2023-37526 entry concerns HCL DRYiCE Lucy (now AEX). A CORS misconfiguration in the mobile app could allow unauthorized access to application resources from any web domain and enable cache poisoning, per sources in NVD/CVE records. The root cause is a CORS misconfiguration in the app, wit...

6.5CVSS6.7AI score0.00434EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/10 12:0 a.m.5 views

PT-2024-12630 · Hcl · Hcl Dryice Lucy

Name of the Vulnerable Software and Affected Versions: HCL DRYiCE Lucy now AEX affected versions not specified Description: The issue is related to a Cross Origin Resource Sharing CORS misconfiguration in the mobile app, which could allow unauthorized access to application resources from any web...

6.5CVSS6.8AI score0.00434EPSS
Exploits0References2
Rows per page
Query Builder