What is CVE-2023-23347?

CVE-2023-23347 is a vulnerability in HCL DRYiCE iAutomate that is caused by the use of a broken cryptographic algorithm, potentially compromising the confidentiality and integrity of sensitive information.

Which versions of HCL DRYiCE iAutomate are affected by CVE-2023-23347?

Versions 6.0, 6.1, and 6.2 of HCL DRYiCE iAutomate are affected by CVE-2023-23347.

What is the severity of CVE-2023-23347?

CVE-2023-23347 has a severity rating of 7.1 (high).

How can CVE-2023-23347 be exploited?

CVE-2023-23347 can be exploited by an attacker who takes advantage of the broken cryptographic algorithm in HCL DRYiCE iAutomate to compromise sensitive information.

Is there a fix for CVE-2023-23347?

Yes, HCL DRYiCE iAutomate has released a fix for CVE-2023-23347. It is recommended to update to the latest version of the software to mitigate this vulnerability.

Vulnerability/
CVE-2023-23347

high

7.1

CWE

327

9/8/2023

29/10/2024

CVE-2023-23347: Use of a broken cryptographic algorithm affects HCL DRYiCE iAutomate

First published: Wed Aug 09 2023(Updated: )

HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information.

Credit: psirt@hcl.com psirt@hcl.com

Affected Software	Affected Version	How to fix
Hcltech Dryice Iautomate	=6.0
Hcltech Dryice Iautomate	=6.1
Hcltech Dryice Iautomate	=6.2

Never miss a vulnerability like this again

Reference Links

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106674

Frequently Asked Questions

What is CVE-2023-23347?
CVE-2023-23347 is a vulnerability in HCL DRYiCE iAutomate that is caused by the use of a broken cryptographic algorithm, potentially compromising the confidentiality and integrity of sensitive information.
Which versions of HCL DRYiCE iAutomate are affected by CVE-2023-23347?
Versions 6.0, 6.1, and 6.2 of HCL DRYiCE iAutomate are affected by CVE-2023-23347.
What is the severity of CVE-2023-23347?
CVE-2023-23347 has a severity rating of 7.1 (high).
How can CVE-2023-23347 be exploited?
CVE-2023-23347 can be exploited by an attacker who takes advantage of the broken cryptographic algorithm in HCL DRYiCE iAutomate to compromise sensitive information.
Is there a fix for CVE-2023-23347?
Yes, HCL DRYiCE iAutomate has released a fix for CVE-2023-23347. It is recommended to update to the latest version of the software to mitigate this vulnerability.

collector/nvd-index
agent/author
agent/type
agent/softwarecombine
agent/references
agent/title
agent/weakness
agent/severity
agent/first-publish-date
agent/description
agent/event
agent/tags
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/nvd-api
source/NVD
agent/software-canonical-lookup
vendor/hcltech
canonical/hcltech dryice iautomate
version/hcltech dryice iautomate/6.0
version/hcltech dryice iautomate/6.1
version/hcltech dryice iautomate/6.2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.