{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-30110", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2024-03-22T23:57:21.324Z", "datePublished": "2024-06-28T06:25:51.349Z", "dateUpdated": "2024-08-02T01:25:03.163Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "DRYiCE AEX", "vendor": "HCL Software", "versions": [{"status": "affected", "version": "10"}]}], "datePublic": "2024-06-27T19:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p></p><p></p><p>HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways.</p><p></p><p></p>"}], "value": "HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL."}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2024-06-28T06:25:51.349Z"}, "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"}], "source": {"discovery": "UNKNOWN"}, "title": "Lack of input validation vulnerability affects DRYiCE AEX v10", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-28T14:30:02.488359Z", "id": "CVE-2024-30110", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T14:30:14.763Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:25:03.163Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-30110", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-28T14:30:02.488359Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-28T14:30:10.534Z"}}], "cna": {"title": "Lack of input validation vulnerability affects DRYiCE AEX v10", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.7, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL."}]}], "affected": [{"vendor": "HCL Software", "product": "DRYiCE AEX", "versions": [{"status": "affected", "version": "10"}], "defaultStatus": "unaffected"}], "datePublic": "2024-06-27T19:00:00.000Z", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways.", "supportingMedia": [{"type": "text/html", "value": "<p></p><p></p><p>HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways.</p><p></p><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation"}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2024-06-28T06:25:51.349Z"}}}, "cveMetadata": {"cveId": "CVE-2024-30110", "state": "PUBLISHED", "dateUpdated": "2024-06-28T14:30:14.763Z", "dateReserved": "2024-03-22T23:57:21.324Z", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "datePublished": "2024-06-28T06:25:51.349Z", "assignerShortName": "HCL"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:dryice_aex:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "AB374CFE-9DFA-4891-B97F-8FFC19EF25BB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL DRYiCE\nAEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which\ncan cause the system to behave in unexpected ways."}, {"lang": "es", "value": "El producto HCL DRYiCE AEX se ve afectado por una vulnerabilidad de falta de validaci\u00f3n de entrada en una aplicaci\u00f3n web en particular. Se puede inyectar un script malicioso en un sistema que puede hacer que el sistema se comporte de maneras inesperadas."}], "id": "CVE-2024-30110", "lastModified": "2025-10-30T18:44:58.857", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "psirt@hcl.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-28T07:15:05.077", "references": [{"source": "psirt@hcl.com", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0114193"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "psirt@hcl.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}