Cross-Site Request Forgery Vulnerability in HCL SX Software
CVE-2024-30154

5.7MEDIUM

Key Information:

Vendor
CVE Published:
3 March 2025

What is CVE-2024-30154?

HCL SX suffers from a critical vulnerability that allows attackers to perform unauthorized actions on behalf of trusted users. By exploiting this cross-site request forgery (CSRF) flaw, an attacker could potentially manipulate user requests, leading to unauthorized data access or changes within the HCL SX environment. Users are urged to update their software and implement appropriate security measures to mitigate this risk.

Affected Version(s)

HCL SX 21

References

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.