Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Connections Docs

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-31987
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.8||MEDIUM
EPSS-0.03% / 8.10%
||
7 Day CHG~0.00%
Published-14 Aug, 2025 | 22:06
Updated-15 Aug, 2025 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections Docs is vulnerable to a Denial of Service (DoS) attack

HCL Connections Docs may mishandle validation of certain uploaded documents leading to denial of service due to resource exhaustion.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-Connections Docs
CWE ID-CWE-405
Asymmetric Resource Consumption (Amplification)
CVE-2024-23563
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-3.9||LOW
EPSS-0.01% / 1.90%
||
7 Day CHG~0.00%
Published-12 Feb, 2025 | 13:47
Updated-12 Feb, 2025 | 15:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections Docs is vulnerable to a sensitive information disclosure

HCL Connections Docs is vulnerable to a sensitive information disclosure which could allow a user to obtain sensitive information they are not entitled to, caused by improper handling of request data.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-Connections Docs
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-45707
Assigner-HCL Software
ShareView Details
Assigner-HCL Software
CVSS Score-4.4||MEDIUM
EPSS-0.11% / 30.15%
||
7 Day CHG~0.00%
Published-08 Jun, 2024 | 15:10
Updated-02 Aug, 2024 | 20:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HCL Connections Docs is vulnerable to Cross-Site Scripting (XSS)

HCL Connections Docs is vulnerable to a cross-site scripting attack where an attacker may leverage this issue to execute arbitrary code. This may lead to credentials disclosure and possibly launch additional attacks.

Action-Not Available
Vendor-HCL Technologies Ltd.
Product-Connections Docs
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')