hcltech

395 tracked vulnerabilities.

CVE-2022-27561 HIGH
HCL Traveler < 12.0.1.2 - Reflected Cross-Site Scripting in Web Admin
Sep 15, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27563 HIGH
HCL VersionVault Express - Unauthenticated Denial of Service
Aug 30, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27560 MEDIUM
HCL VersionVault Express - Insufficiently Protected Credentials
Aug 30, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-27558 MEDIUM
HCL iNotes - Info Disclosure
Aug 29, 2022
CVSS 5.9
EPSS 0.00
CVE-2022-27547 MEDIUM
HCL iNotes - Open Redirect via Non-Existent Domain Link
Aug 29, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-27546 HIGH
Hcltech Hcl Inotes - XSS
Aug 29, 2022
CVSS 8.3
EPSS 0.00
CVE-2022-27545 MEDIUM
HCL BigFix Platform 9.5-9.5.18 - Authenticated Cross-Site Scripting in Email Configuration Page
Jul 19, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-27544 MEDIUM
HCL BigFix Platform 9.5-9.5.19 - Authenticated Cleartext SMTP Credential Exposure
Jul 19, 2022
CVSS 5.0
EPSS 0.00
CVE-2021-27788 HIGH
HCL Verse 2.0-3.0 - Unauthenticated Stored Cross-Site Scripting via Crafted URL
Mar 10, 2023
CVSS 8.3
EPSS 0.00
CVE-2021-27782 MEDIUM
HCL BigFix Mobile - Info Disclosure
Jan 20, 2023
CVSS 5.4
EPSS 0.00
CVE-2021-27784 MEDIUM
HCL Launch Container - Info Disclosure
Oct 31, 2022
CVSS 5.9
EPSS 0.00
CVE-2021-27774 LOW
HCL Digital Experience - Information Exposure via Error Response
Sep 22, 2022
CVSS 3.1
EPSS 0.00
CVE-2021-27786 MEDIUM
HCL OneTest Server - Permissive Cross-domain Security Policy with Untrusted Domains
Jun 09, 2022
CVSS 4.6
EPSS 0.00
CVE-2021-27778 MEDIUM
HCL Traveler < 12.0.1.0 - Stored Cross-Site Scripting via Approved Applications Name Parameter
Jun 01, 2022
CVSS 4.9
EPSS 0.00
CVE-2021-27781 MEDIUM
HCL BigFix Mobile < 2.1 - Stored Cross-Site Scripting via Master Operator HTML Injection
May 27, 2022
CVSS 6.6
EPSS 0.00
CVE-2021-27780 MEDIUM
HCL BigFix Mobile < 2.1 - Unauthenticated XML External Entity Injection
May 27, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-27783 MEDIUM
HCL BigFix Mobile - Unencrypted Sensitive Data Exposure in PPKG File
May 25, 2022
CVSS 6.8
EPSS 0.00
CVE-2021-27779 CRITICAL
VersionVault Express - Info Disclosure
May 25, 2022
CVSS 9.1
EPSS 0.00
CVE-2021-27777 HIGH
HCL Unica < 12.1.1 - XML External Entity Injection
May 12, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-27773 MEDIUM
Hcltech HCL Sametime Meeting Chat - Clickjacking
May 12, 2022
CVSS 4.2
EPSS 0.00
CVE-2021-27772 HIGH
Hcltech HCL Sametime - Information Disclosure via Group Conversations
May 12, 2022
CVSS 7.1
EPSS 0.00
CVE-2021-27771 HIGH
HCL Sametime - Path Traversal and Arbitrary File Upload via User SID Manipulation
May 12, 2022
CVSS 8.2
EPSS 0.00
CVE-2021-27770 MEDIUM
HCL Sametime - Server-Side Request Forgery via FaviconService Base64-Encoded URL
May 12, 2022
CVSS 6.8
EPSS 0.00
CVE-2021-27769 MEDIUM
Information Disclosure - Info Disclosure
May 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-27768 MEDIUM
HCL Verse < 12.0.9 - Improper Certificate Validation
May 12, 2022
CVSS 6.3
EPSS 0.00
Products
bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4
Quick Filters
Critical CVEs With Exploits In CISA KEV