Description
HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to view data in a single specific scenario.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None
Affected products
- HCLSoftware / Connections7.0, 8.0 – 7.0, 8.0