cvelist/2024/30xxx/CVE-2024-30111.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2024-30111",
        "ASSIGNER": "psirt@hcl.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "HCL DRYiCE AEX product is impacted by Missing\nRoot Detection vulnerability in the mobile application. The  mobile app can be installed in the rooted\ndevice due to which malicious users can gain unauthorized access to the rooted\ndevices, compromising security and potentially leading to data breaches or\nother malicious activities."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-1326:  Missing Immutable Root of Trust in Hardware",
                        "cweId": "CWE-1326"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "HCL Software",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "DRYiCE AEX",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "10"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193",
                "refsource": "MISC",
                "name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.2.0"
    },
    "source": {
        "discovery": "UNKNOWN"
    },
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 3.3,
                "baseSeverity": "LOW",
                "confidentialityImpact": "LOW",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`{`
"-Synchronized-Data." 2024-06-28 07:00:33 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2024-30111",`
"-Synchronized-Data." 2024-06-28 07:00:33 +00:00			`"ASSIGNER": "psirt@hcl.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-06-28 07:00:33 +00:00			`"value": "HCL DRYiCE AEX product is impacted by Missing\nRoot Detection vulnerability in the mobile application. The mobile app can be installed in the rooted\ndevice due to which malicious users can gain unauthorized access to the rooted\ndevices, compromising security and potentially leading to data breaches or\nother malicious activities."`
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-1326: Missing Immutable Root of Trust in Hardware",`
			`"cweId": "CWE-1326"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "HCL Software",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "DRYiCE AEX",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "=",`
			`"version_value": "10"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193",`
			`"refsource": "MISC",`
			`"name": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.2.0"`
			`},`
			`"source": {`
			`"discovery": "UNKNOWN"`
			`},`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "LOCAL",`
			`"availabilityImpact": "NONE",`
			`"baseScore": 3.3,`
			`"baseSeverity": "LOW",`
			`"confidentialityImpact": "LOW",`
			`"integrityImpact": "NONE",`
			`"privilegesRequired": "NONE",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "REQUIRED",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",`
			`"version": "3.1"`
"-Synchronized-Data." 2024-04-02 14:14:24 +00:00			`}`
			`]`
			`}`
			`}`