CVE-2024-42192— HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-42192
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage
Source: NVD (National Vulnerability Database)
Vulnerability Description
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分的凭证保护机制
Source: NVD (National Vulnerability Database)
Vulnerability Title
HCL Traveler for Microsoft Outlook 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
HCL Traveler for Microsoft Outlook是印度HCL公司的一个Microsoft Outlook中的软件组件。 HCL Traveler for Microsoft Outlook存在安全漏洞,该漏洞源于凭证泄露,可能导致攻击者访问其他计算机或应用程序。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| HCL Software | Traveler for Microsoft Outlook | 3.0.14 | - |
II. Public POCs for CVE-2024-42192
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-42192
请登录查看更多情报信息。
Same Patch Batch · HCL Software · 2025-10-16 · 5 CVEs total
| CVE-2025-0277 | 6.5 MEDIUM | HCL BigFix Mobile is affected by an insecure Content Security Policy (CSP) |
| CVE-2025-0276 | 6.5 MEDIUM | HCL BigFix Modern Client Management (MCM) is affected by an insecure Content Security Poli |
| CVE-2025-0275 | 5.3 MEDIUM | HCL BigFix Mobile 3.3 and earlier is affected by improper access control |
| CVE-2025-0274 | 5.3 MEDIUM | HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access c |
IV. Related Vulnerabilities
Same vendor: HCL Software
- CVE-2025-31974
HCL BigFix Service Management (SM) is susceptible to a Root - CVE-2025-31976
HCL BigFix Service Management (SM) is vulnerable to insuffic - CVE-2025-31978
HCL BigFix Service Management (SM) does not adequately sanit - CVE-2025-31959
HCL BigFix Service Management (SM) application fails to stri - CVE-2025-31982
HCL BigFix Service Management (SM) had directories that were
Same weakness: CWE-522
- CVE-2026-42295
Argo Workflows: Exposure of artifact repository credentials - CVE-2026-41506
go-git Credential leak via cross-host redirect in smart HTTP - CVE-2025-62345
HCL BigFix RunBookAI is affected by a Continued availability - CVE-2026-23927
Agent 2 Oracle plugin TNS connection string injection via th - CVE-2026-42367
GeoVision LPC2011/LPC2211 Web Interface / ssi.cgi privilege
V. Comments for CVE-2024-42192
No comments yet