CVE-2024-23551

MEDIUM

Database Scanning - Info Disclosure

Title source: llm

Description

Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe consequences such as data breaches, unauthorized data manipulation, and compromised system integrity.

References (1)

[Various Sources] https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112963

Scores

CVSS v3 6.5

EPSS 0.0005

EPSS Percentile 14.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-522

Status draft

Timeline

Published May 07, 2024

Tracked Since Feb 18, 2026