CVE-2024-23579

MEDIUM

HCL DRYiCE Optibot Reset Station - Info Disclosure

Title source: llm

Description

HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values.

References (1)

[Various Sources] https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113496

Scores

CVSS v3 6.5

EPSS 0.0013

EPSS Percentile 32.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-326

Status published

Products (1)

HCL Software/DRYiCE Optibot Reset Station 1.0, 2.0

Published May 28, 2024

Tracked Since Feb 18, 2026