CVE-2024-42207

Published Feb 5, 2025

Last updated 23 days ago

CVSS medium 5.5

Overview

Description
HCL iAutomate is affected by a session fixation vulnerability.  An attacker could hijack a victim's session ID from their authenticated session.
Source
psirt@hcl.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.5
Impact score
4.7
Exploitability score
0.7
Vector string
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:L
Severity
MEDIUM

Weaknesses

psirt@hcl.com
CWE-384

Social media

Hype score
Not currently trending

  1. CVE-2024-42207 HCL iAutomate is affected by a session fixation vulnerability.  An attacker could hijack a victim's session ID from their authenticated session. https://t.co/46CeJuv2EW

    @CVEnew

    5 Feb 2025

    280 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References