CVE-2024-23551

MEDIUM

Database Scanning - Info Disclosure

Title source: llm

Description

Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe consequences such as data breaches, unauthorized data manipulation, and compromised system integrity.

References (1)

Core 1

Core References

Various Sources

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0112963

Scores

CVSS v3 6.5

EPSS 0.0017

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-522

Status published

Products (1)

HCL Software/BigFix Compliance v9.x, v10.x, v11.x

Published May 07, 2024

Tracked Since Feb 18, 2026