CVE-2024-30150

HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119368	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:dryice_mycloud:10.8.1:*:*:*:*:*:*:*

History

09 Jan 2026, 02:42

Type	Values Removed	Values Added
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119368 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119368 - Vendor Advisory
CWE		CWE-918
First Time		Hcltech dryice Mycloud Hcltech
Summary		(es) HCL MyCloud se ve afectado por un control de acceso inadecuado, una vulnerabilidad de escalada de privilegios no autenticados que puede provocar la divulgación de información y posibles ataques de Server-Side Request Forgery (SSRF) y de denegación de servicio (DOS) por parte de usuarios no autenticados.
CPE		cpe:2.3:a:hcltech:dryice_mycloud:10.8.1:::::::*

25 Feb 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-25 23:15

Updated : 2026-01-09 02:42

NVD link : CVE-2024-30150

Mitre link : CVE-2024-30150

CVE.ORG link : CVE-2024-30150

JSON object : View

Products Affected

hcltech

dryice_mycloud

CWE

CWE-269

Improper Privilege Management

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2024-30150", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2025-02-25T23:15:10.753", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119368", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "HCL MyCloud is affected by Improper Access Control - an unauthenticated privilege escalation vulnerability which may lead to information disclosure and potential for Server-Side Request Forgery (SSRF) and Denial of Service(DOS) attacks from unauthenticated users."}, {"lang": "es", "value": "HCL MyCloud se ve afectado por un control de acceso inadecuado, una vulnerabilidad de escalada de privilegios no autenticados que puede provocar la divulgaci\u00f3n de informaci\u00f3n y posibles ataques de Server-Side Request Forgery (SSRF) y de denegaci\u00f3n de servicio (DOS) por parte de usuarios no autenticados."}], "lastModified": "2026-01-09T02:42:02.167", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:dryice_mycloud:10.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "438C8C0C-E74F-4C1E-A570-DA80079CF982"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}