4 results (0.005 seconds)

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 3.3EPSS: 0%CPEs: 1EXPL: 0

HCL DRYiCE AEX product is impacted by Missing Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted device due to which malicious users can gain unauthorized access to the rooted devices, compromising security and potentially leading to data breaches or other malicious activities. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 • CWE-1326: Missing Immutable Root of Trust in Hardware •

CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0

HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 • CWE-20: Improper Input Validation •

CVSS: 3.7EPSS: 0%CPEs: 1EXPL: 0

HCL DRYiCE AEX is impacted by a lack of clickjacking protection in the AEX web application. An attacker can use multiple transparent or opaque layers to trick a user into clicking on a button or link on another page than the one intended. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •