Email Flooding Vulnerability in HCL Aftermarket EPC
CVE-2024-23565
5.3MEDIUM
What is CVE-2024-23565?
The HCL Aftermarket EPC is susceptible to an email flooding attack due to inadequate limitations on the number of emails sent through its Forget Password functionality. This vulnerability allows both human attackers and automated entities, such as bots or scripts, to exploit the system. By flooding the application with excessive emails, an attacker could disrupt services, lead to denial of service, and potentially affect the overall integrity of the application’s logic.
Affected Version(s)
Aftermarket EPC version 1.0.0
