3.7 CVE-2025-31961
HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.
https://nvd.nist.gov/vuln/detail/CVE-2025-31961
Categories
CWE-1220 : Insufficient Granularity of Access Control
The product implements access controls via a policy or other feature with the intention to disable or restrict accesses (reads and/or writes) to assets in a system from untrusted agents. However, the implemented access controls lack the required granularity, which renders the control policy too broad because it allows accesses from unauthorized agents to the security-sensitive assets.
A form hosting website only checks the session authentication status for a single form, making it possible to bypass authentication when there are multiple forms.
An operating system has an overly permissive Access Control List on some system files, including those related to user passwords.
References
CPE
| cpe |
start |
end |
| Configuration 1 |
| cpe:2.3:a:hcltech:connections:8.0:-:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release1:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release10:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release2:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release3:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release4:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release5:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release6:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release7:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release8:*:*:*:*:*:* |
|
|
| cpe:2.3:a:hcltech:connections:8.0:cumulative_release9:*:*:*:*:*:* |
|
|
REMEDIATION
EXPLOITS
Exploit-db.com
| id | description | date |
|---|---|---|
| No known exploits | | |
POC Github
Other Nist (github, ...)
CAPEC
Common Attack Pattern Enumerations and Classifications
| id | description | severity |
|---|---|---|
| 1 | Accessing Functionality Not Properly Constrained by ACLs. In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality, particularly URLs for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they are otherwise not supposed to. [Survey] The attacker surveys the target application, possibly as a valid and authenticated user. [Identify Functionality] At each step, the attacker notes the resource or functionality access mechanism invoked upon performing specific actions. [Iterate over access capabilities] Possibly as a valid user, the attacker then tries to access each of the noted access mechanisms directly in order to perform functions not constrained by the ACLs. | High |
| 180 | Exploiting Incorrectly Configured Access Control Security Levels. An attacker exploits a weakness in the configuration of access controls and is able to bypass the intended protection that these measures guard against and thereby obtain unauthorized access to the system or network. Sensitive functionality should always be protected with access controls. However, configuring all but the most trivial access control systems can be very complicated and there are many opportunities for mistakes. If an attacker can learn of incorrectly configured access security settings, they may be able to exploit this in an attack. [Survey] The attacker surveys the target application, possibly as a valid and authenticated user. [Identify weak points in access control configurations] The attacker probes the access control for functions and data identified in the Explore phase to identify potential weaknesses in how the access controls are configured. [Access the function or data bypassing the access control] The attacker executes the function or accesses the data identified in the Explore phase bypassing the access control. | Medium |
MITRE
Techniques
| id | description |
|---|---|
| T1574.010 | Hijack Execution Flow: Services File Permissions Weakness |

© 2022 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
Mitigations
| id | description |
|---|---|
| M1018 | Limit privileges of user accounts and groups so that only authorized administrators can interact with service changes and service binary target path locations. Deny execution from user directories such as file download directories and temp directories where able. |