CVE-2024-23551

HCL BigFix Compliance is potentially affected by Oracle database credentials stored at endpoint

Description

Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe consequences such as data breaches, unauthorized data manipulation, and compromised system integrity.

INFO

Published Date :

2024-05-07T21:46:54.285Z

Last Modified :

2024-08-01T23:06:25.195Z

Source :

HCL

AFFECTED PRODUCTS

The following products are affected by CVE-2024-23551 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-23551.

URL	Resource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112963

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact