Possibility of Library Replacement Attack
CVE-2024-30117

5.3MEDIUM

Key Information:

Vendor: Hcl Software
Status: Bigfix Platform
Vendor: CVE Published:; 14 October 2024

Summary

A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances.

Affected Version(s)

BigFix Platform 9.5 - 9.5.24, 10.0 - 10.0.11, 11.0.0 - 11.0.2

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 14, 2024

.