Host Header Manipulation Vulnerability in HCL Software Products
CVE-2024-30129

Currently unrated

Key Information:

Vendor: HCL Software
Status: HCL Software Applications
Vendor: CVE Published:; 6 December 2024

Summary

A vulnerability exists due to improper handling of the HTTP host header within HCL Software applications. This flaw allows an attacker to manipulate the host header, potentially redirecting traffic to unintended domains or IP addresses. Such behavior can lead to various security issues, including unauthorized access or data exposure. Organizations utilizing affected HCL products must assess their systems and take corrective measures to mitigate this risk.

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

Timeline

Vulnerability published
Dec 6, 2024