CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30152 – HCL SX is affected by usage of a weak cryptographic algorithm
https://notcve.org/view.php?id=CVE-2024-30152
25 Apr 2025 — HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, modify data, or other impacts. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120735 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30155 – HCL SX is susceptible to cookie with Insecure, Improper, or Missing SameSite attribute vulnerability
https://notcve.org/view.php?id=CVE-2024-30155
26 Mar 2025 — HCL SX does not set the secure attribute on authorization tokens or session cookies. Attackers may potentially be able to obtain access to the cookie values via a Cross-Site-Forgery-Request (CSRF). • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120110 • CWE-1275: Sensitive Cookie with Improper SameSite Attribute •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-30154 – HCL SX is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-30154
03 Mar 2025 — HCL SX is vulnerable to cross-site request forgery vulnerability which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. • https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119437 • CWE-352: Cross-Site Request Forgery (CSRF) •