CVE-2023-37503

Summary

HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL Compass2.0, 2.1, 2.2affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References