Known Vulnerabilities
CVE-2024-30120
HCL DRYiCE Optibot Reset Station is impacted by an Unused Parameter in the web application.
LOW
CVSS 2.9
Published Jun 14, 2024
CVE-2024-30119
HCL DRYiCE Optibot Reset Station is impacted by a missing Strict Transport Security Header. This could allow an attacker to intercept or manipulate data during redirection.
LOW
CVSS 3.7
Published Jun 14, 2024
CVE-2024-23580
HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of One-Time Passwords (OTPs). This could allow an attacker with access to the database to recover some or all encrypted values.
MEDIUM
CVSS 6.5
Published May 28, 2024
CVE-2024-23579
HCL DRYiCE Optibot Reset Station is impacted by insecure encryption of security questions. This could allow an attacker with access to the database to recover some or all encrypted values.
MEDIUM
CVSS 6.5
Published May 28, 2024