CVE-2024-23579

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
HCLCNA
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA-ADPADP
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 16%
Common Weakness Enumeration
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113496
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113496