CVE-2024-23563 LOW

CVE-2024-23563: HCL Connections Docs is vulnerable to a sensitive information disclosure

Vendor Hcl Software
Product Connections Docs
Weakness CWE-200 · Info exposure
Published February 12, 2025
Last update February 12, 2025

CVSS base score

3.9/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.

Key dates

02Disclosure timeline

February 12, 2025 CVE published
February 12, 2025 Record updated