CVE-2024-23586 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-23586

CWE

https://cwe.mitre.org/data/definitions/613.html

HCL Nomad is susceptible to an insufficient session expiration vulnerability. Under certain circumstances, an unauthenticated attacker could obtain old session information.

Weakness

According to WASC, “Insufficient Session Expiration is when a web site permits an attacker to reuse old session credentials or session IDs for authorization.”

Affected Software

Name	Vendor	Start Version	End Version
Hcl_nomad	Hcltech	*	1.0.13 (excluding)

Potential Mitigations

References

https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0115264