CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-30155

HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 9.7%

CVSS Severity

CVSS v3 Score 5.5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120110

Products affected by CVE-2024-30155

Hcltech » Hcl Sx » Version: 21

cpe:2.3:a:hcltech:hcl_sx:21

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-30155

Products

Pricing

Contact Us