CVE-2023-37541
LOWDescription
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS v3.1 Score
Affected Products
| Vendor | Product |
|---|---|
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
| hcltech | connections |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2023-37541? +
How severe is CVE-2023-37541? +
What products are affected by CVE-2023-37541? +
How do I check if I'm vulnerable to CVE-2023-37541? +
Related Vulnerabilities
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can deploy a web server that returns malicious …
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it uses external input to construct a …
HCL Digital Experience is affected by an OS command injection vulnerability in the Digital Asset Management API. An attacker may …
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their …
The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit …
HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. Certain API endpoints are accessible to Customer …