CVE-2024-30117 LOW

CVE-2024-30117: HCL BigFix Platform is affected by a DLL Hijack vulnerability

Vendor Hcl Software
Product BigFix Platform
Weakness CWE-427
Published October 14, 2024
Last update October 15, 2024

CVSS base score

2.5/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances.

Key dates

02Disclosure timeline

October 14, 2024 CVE published
October 15, 2024 Record updated