nvd-json-data-feeds/CVE-2024/CVE-2024-421xx/CVE-2024-42174.json

{
  "id": "CVE-2024-42174",
  "sourceIdentifier": "psirt@hcl.com",
  "published": "2025-01-11T07:15:09.110",
  "lastModified": "2025-01-11T07:15:09.110",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "HCL MyXalytics is affected by username enumeration vulnerability.  This allows a malicious user to perform enumeration of application users, and therefore\u00a0compile a list of valid usernames."
    },
    {
      "lang": "es",
      "value": "HCL MyXalytics se ve afectado por una vulnerabilidad de enumeraci\u00f3n de nombres de usuario. Esto permite que un usuario malintencionado realice una enumeraci\u00f3n de usuarios de la aplicaci\u00f3n y, por lo tanto, compile una lista de nombres de usuario v\u00e1lidos."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "psirt@hcl.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "baseScore": 3.7,
          "baseSeverity": "LOW",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 1.4
      }
    ]
  },
  "weaknesses": [
    {
      "source": "psirt@hcl.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-204"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",
      "source": "psirt@hcl.com"
    }
  ]
}
Auto-Update: 2025-01-11T09:00:21.765372+00:00 2025-01-11 09:03:52 +00:00			`{`
			`"id": "CVE-2024-42174",`
			`"sourceIdentifier": "psirt@hcl.com",`
			`"published": "2025-01-11T07:15:09.110",`
			`"lastModified": "2025-01-11T07:15:09.110",`
Auto-Update: 2025-01-19T03:00:20.175811+00:00 2025-01-19 03:03:47 +00:00			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2025-01-11T09:00:21.765372+00:00 2025-01-11 09:03:52 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore\u00a0compile a list of valid usernames."`
Auto-Update: 2025-01-19T03:00:20.175811+00:00 2025-01-19 03:03:47 +00:00			`},`
			`{`
			`"lang": "es",`
			`"value": "HCL MyXalytics se ve afectado por una vulnerabilidad de enumeraci\u00f3n de nombres de usuario. Esto permite que un usuario malintencionado realice una enumeraci\u00f3n de usuarios de la aplicaci\u00f3n y, por lo tanto, compile una lista de nombres de usuario v\u00e1lidos."`
Auto-Update: 2025-01-11T09:00:21.765372+00:00 2025-01-11 09:03:52 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "psirt@hcl.com",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",`
			`"baseScore": 3.7,`
			`"baseSeverity": "LOW",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "HIGH",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "LOW",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "NONE"`
			`},`
			`"exploitabilityScore": 2.2,`
			`"impactScore": 1.4`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "psirt@hcl.com",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-204"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149",`
			`"source": "psirt@hcl.com"`
			`}`
			`]`
			`}`