Lucene search

PRIOn knowledge basePRION:CVE-2023-37532

HistoryOct 23, 2023 - 5:15 p.m.

Design/Logic Flaw

2023-10-2317:15:00

PRIOn knowledge base

www.prio-n.com

hcl commerce

remote store server

design flaw

logic flaw

remote attacker

arbitrary files

nvd

4.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.0%

HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the system.

CPENameOperatorVersion
commercege9.1.8
commercele9.1.13.2

CPE	Name	Operator	Version
	commerce	ge	9.1.8
	commerce	le	9.1.13.2

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108094