Vulnerability in Hcl Software Connections
CVE-2023-28018
HCL Connections is vulnerable to a denial of service, caused by improper validation on certain requests. Using a specially-crafted request an attacker could exploit this vulnerability to cause denial of service for affected users.
EPSS: 0.003 (23.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L.
Affected products
- Hcl Software Connections — versions 6.5, 7.0, 8.0
- Hcltech Connections — versions 6.5, 7.0, 8.0
References
- psirt@hcl.com (Vendor Advisory)
Frequently asked questions
- What is CVE-2023-28018?
- CVE-2023-28018 is a medium-severity vulnerability in Hcl Software Connections. CVSS score: 5.5/10. Published 2024-02-12.
- How severe is CVE-2023-28018?
- Medium severity. CVSS v3 base score is 5.5 out of 10.