Outdated Hash Algorithm in HCL Glovius Cloud Affects Data Security
CVE-2024-23589

6.8MEDIUM

Key Information:

Vendor: HCL Software Software
Status: HCL Software Glovius Cloud
Vendor: CVE Published:; 30 May 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2024-23589?

The HCL Glovius Cloud vulnerability arises from the use of an outdated hashing algorithm. This weakness potentially allows attackers to exploit modern hardware capabilities, such as GPUs or ASICs, to perform brute-force or dictionary attacks effectively. As a result, sensitive input data may be compromised, posing significant risks to user security.

Affected Version(s)

HCL Glovius Cloud 240520

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 30, 2025
Vulnerability Reserved
Jan 18, 2024