CVE-2024-30110 LOW

CVE-2024-30110: Lack of input validation vulnerability affects DRYiCE AEX v10

Vendor Hcl Software

Product DRYiCE AEX

Weakness CWE-20 · Input validation

Published June 28, 2024

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

3.7/10

Attack vector Network

Attack complexity High

Privileges required None

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways.

Key dates

02Disclosure timeline

June 28, 2024 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-30110

Related vulnerabilities

04Related CVE

CVE-2024-23641 Sending a GET or HEAD request with a body crashes SvelteKit CVE-2024-39513 Junos OS Evolved: Execution of a specific CLI command will cause a crash in the AFT manager CVE-2021-36007 Adobe Prelude MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability CVE-2026-23571 Command Injection in 1E-Nomad-RunPkgStatusRequest Instruction in TeamViewer DEX CVE-2026-34773 Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows