Brute-Force Vulnerability in HCL Aftermarket EPC Software
CVE-2024-23574

5.3MEDIUM

Key Information:

Vendor
CVE Published:
17 July 2026

What is CVE-2024-23574?

HCL Aftermarket EPC is susceptible to brute-force attacks, which enable malicious actors to enumerate valid user credentials within the system. By exploiting this vulnerability, attackers can repeatedly attempt to guess usernames or confirm their existence, increasing the risk of unauthorized access. It is crucial for users and administrators of this software to implement necessary countermeasures to safeguard their systems against such malicious activities.

Affected Version(s)

Aftermarket EPC version 1.0.0

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.