CVE-2024-42197
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-11
Last updated on: 2025-12-11
Assigner: HCL Software
Description
Description
HCL Workload Scheduler stores user credentials in plain text which can be read by a local user.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcl | workload_scheduler | 3.1 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-256 | The product stores a password in plaintext within resources such as memory or files. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves HCL Workload Scheduler storing user credentials in plain text, which means that a local user on the system can read these credentials without needing special privileges or complex attacks.
How can this vulnerability impact me? :
The impact of this vulnerability is that a local user could access sensitive user credentials, potentially leading to unauthorized access to accounts or systems, compromising confidentiality.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70