HCL Marketing Operations 9.1.2.4 Download of Code Without Integrity Check Vulnerability

Summary

Using HCL Marketing Operations, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.

Credit:

The information has been provided by Vendor

The original article can be found at:https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941


Details

Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.

 

Vulnerable Systems:

HCL Marketing Operations 9.1.2.4

HCL Marketing Operations 10.1.x

HCL Marketing Operations 11.1.0.x

 

CVE Information:

CVE-2020-4125

 

Disclosure Timeline:
Published Date:7/20/2020

Categories: FeaturedNews