Description

HCL Nomad is susceptible to an insufficient session expiration vulnerability.   Under certain circumstances, an unauthenticated attacker could obtain old session information.

Related CPE's

a

hcltech

hcl_nomad

*

*

*

*

*

-

Vulnerable

a

hcltech

domino

-

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0115264

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-613

[email protected]

Primary
CWE-613

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

5.3 · Medium

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2024-09-27T20:15:12.930Z

1 year ago

Last modified

2024-10-07T13:30:56.227Z

1 year ago