CVE-2023-23342: HCL Nomad for web is affected by cryptographic validation of local data access that can be circumvented
First published: Thu Aug 10 2023(Updated: )
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented.
Credit: psirt@hcl.com psirt@hcl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hcltech Hcl Nomad | >=1.0.0<1.0.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2023-23342.
What is the severity of CVE-2023-23342?
The severity of CVE-2023-23342 is high (7.1).
How can the cryptographic key validation be circumvented?
The cryptographic key validation can be circumvented by manipulating certain local files in a certain manner.
What software is affected by CVE-2023-23342?
The Hcltech Hcl Nomad software versions 1.0.0 to 1.0.7 are affected by CVE-2023-23342.
Where can I find more information about CVE-2023-23342?
You can find more information about CVE-2023-23342 in the [HCL Tech Support Knowledge Base](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106600).
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/title
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/hcltech
- canonical/hcltech hcl nomad
- version/hcltech hcl nomad/1.0.0