CVE-2024-42208

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Apr 4, 2025

Updated: Apr 7, 2025

CWE ID 200

Summary

CVE-2024-42208 is a newly disclosed vulnerability affecting HCL Connections. This issue enables unauthorized users to access sensitive information they are not entitled to, as a result of the application's improper handling of request data. The vulnerability poses a significant risk for organizations using HCL Connections, as it could lead to data leakage and potential privacy breaches. Successful exploitation does not require user interaction or elevated privileges, making it a potential threat even in secure environments. The vulnerability is currently under active exploitation, emphasizing the need for affected organizations to apply the available patch as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

connections

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Measuring the US-China AI Gap

TerraStealerV2 and TerraLogger: Golden Chickens' New Malware Families Discovered

Uncovering MintsLoader With Recorded Future Malware Intelligence Hunting

Know What Matters

For Customers

For Partners