Brute Force Vulnerability in HCL Aftermarket EPC
CVE-2024-23566

6.5MEDIUM

Key Information:

Vendor
CVE Published:
17 July 2026

What is CVE-2024-23566?

The HCL Aftermarket EPC software is susceptible to brute force attacks due to the absence of CAPTCHA mechanisms. This vulnerability allows attackers to leverage automated tools for repeated login attempts, potentially leading to unauthorized access and account enumeration, compromising user security and data integrity.

Affected Version(s)

Aftermarket EPC version 1.0.0

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.