CVE-2024-30110

HCL DRYiCE AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which can cause the system to behave in unexpected ways.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193	Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:dryice_aex:10.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-28 07:15

Updated : 2025-10-30 18:44

NVD link : CVE-2024-30110

Mitre link : CVE-2024-30110

CVE.ORG link : CVE-2024-30110

JSON object : View

Products Affected

hcltech

dryice_aex

CWE

CWE-20

Improper Input Validation

NVD-CWE-noinfo

{"id": "CVE-2024-30110", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-06-28T07:15:05.077", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}, {"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways."}, {"lang": "es", "value": "El producto HCL DRYiCE AEX se ve afectado por una vulnerabilidad de falta de validaci\u00f3n de entrada en una aplicaci\u00f3n web en particular. Se puede inyectar un script malicioso en un sistema que puede hacer que el sistema se comporte de maneras inesperadas."}], "lastModified": "2025-10-30T18:44:58.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:dryice_aex:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB374CFE-9DFA-4891-B97F-8FFC19EF25BB"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}