hcltech

395 tracked vulnerabilities.

CVE-2023-37513 LOW
HCL Traveler To-Do < 12.0.6 - Sensitive Information Exposure via App Snapshot
Aug 11, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-37512 LOW
HCL Traveler Companion < 12.0.6 - Sensitive Information Exposure via App Snapshot
Aug 11, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-37511 LOW
HCL Traveler To-Do < 12.0.6 - Insecure Web Content Loading via App Transport Security Misconfiguration
Aug 11, 2023
CVSS 3.5
EPSS 0.00
CVE-2023-23342 MEDIUM
Hcltech HCL Nomad 1.0.0 through 1.0.7 - Cryptographic Key Validation Bypass
Aug 10, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-23347 MEDIUM
HCL DRYiCE iAutomate - Use of a Broken Cryptographic Algorithm
Aug 09, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-23346 MEDIUM
HCL DRYiCE MyCloud - Use of a Broken Cryptographic Algorithm
Aug 09, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-37501 HIGH
HCL Unica < 12.1.1 - Stored Cross-Site Scripting in Campaign Field
Aug 03, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-37500 HIGH
HCL Unica < 12.1.1 - Stored Cross-Site Scripting
Aug 03, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-37499 HIGH
HCL Unica < 12.1.1 - Stored Cross-Site Scripting
Aug 03, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-37498 HIGH
HCLTech Unica <= 12.1.1 - Privilege Escalation
Aug 03, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-37497 HIGH
HCL Unica < 11.1.0.6 - Authenticated XML External Entity Injection
Aug 03, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-37496 HIGH
HCL Verse < 3.1 - Stored Cross-Site Scripting
Aug 01, 2023
CVSS 8.3
EPSS 0.00
CVE-2023-28014 MEDIUM
HCL BigFix Mobile - Authenticated Stored Cross-Site Scripting
Jul 27, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-28012 MEDIUM
HCL BigFix Mobile - Authenticated Command Injection
Jul 27, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28013 MEDIUM
HCL Verse < 3.1 - Reflected Cross-Site Scripting
Jul 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-28023 MEDIUM
BigFix WebUI < 44 - Cross-Site Request Forgery in Software Distribution Interface
Jul 18, 2023
CVSS 4.9
EPSS 0.00
CVE-2023-28021 MEDIUM
BigFix WebUI - Inadequate Encryption Strength
Jul 18, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-28020 MEDIUM
HCL BigFix WebUI - Open Redirect via Login Page Redirect URL Header
Jul 18, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-28019 MEDIUM
Bigfix WebUI < 14 - Authenticated SQL Injection via Unparameterized API Query
Jul 18, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-23344 LOW
BigFix WebUI Insights 14 - Authenticated Missing Authorization
Jun 23, 2023
CVSS 3.0
EPSS 0.00
CVE-2023-28016 LOW
HCL BigFix OSD Bare Metal Server < 311.12 - Host Header Injection
Jun 22, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-28006 HIGH
HCL BigFix OSD Bare Metal Server < 311.12 - Use of a Broken or Risky Cryptographic Algorithm
Jun 22, 2023
CVSS 7.0
EPSS 0.00
CVE-2023-23343 LOW
HCL BigFix OSD Bare Metal Server < 311.12 - Clickjacking via Transparent or Opaque Layers
Jun 22, 2023
CVSS 2.4
EPSS 0.00
CVE-2023-28009 MEDIUM
HCL Workload Automation - XML External Entity Injection
Apr 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-28008 HIGH
HCL Workload Automation 9.4, 9.5, and 10.1 - XML External Entity Injection
Apr 26, 2023
CVSS 7.1
EPSS 0.01
Products
bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4
Quick Filters
Critical CVEs With Exploits In CISA KEV