hcltech

410 tracked vulnerabilities.

CVE-2021-27784 MEDIUM
HCL Launch Container - Info Disclosure
Oct 31, 2022
CVSS 5.9
EPSS 0.00
CVE-2021-27774 LOW
HCL Digital Experience - Information Exposure via Error Response
Sep 22, 2022
CVSS 3.1
EPSS 0.00
CVE-2021-27786 MEDIUM
HCL OneTest Server - Permissive Cross-domain Security Policy with Untrusted Domains
Jun 09, 2022
CVSS 4.6
EPSS 0.01
CVE-2021-27778 MEDIUM
HCL Traveler < 12.0.1.0 - Stored Cross-Site Scripting via Approved Applications Name Parameter
Jun 01, 2022
CVSS 4.9
EPSS 0.00
CVE-2021-27781 MEDIUM
HCL BigFix Mobile < 2.1 - Stored Cross-Site Scripting via Master Operator HTML Injection
May 27, 2022
CVSS 6.6
EPSS 0.00
CVE-2021-27780 MEDIUM
HCL BigFix Mobile < 2.1 - Unauthenticated XML External Entity Injection
May 27, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-27783 MEDIUM
HCL BigFix Mobile - Unencrypted Sensitive Data Exposure in PPKG File
May 25, 2022
CVSS 6.8
EPSS 0.00
CVE-2021-27779 CRITICAL
VersionVault Express - Info Disclosure
May 25, 2022
CVSS 9.1
EPSS 0.01
CVE-2021-27777 HIGH
HCL Unica < 12.1.1 - XML External Entity Injection
May 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-27773 MEDIUM
Hcltech HCL Sametime Meeting Chat - Clickjacking
May 12, 2022
CVSS 4.2
EPSS 0.00
CVE-2021-27772 HIGH
Hcltech HCL Sametime - Information Disclosure via Group Conversations
May 12, 2022
CVSS 7.1
EPSS 0.01
CVE-2021-27771 HIGH
HCL Sametime - Path Traversal and Arbitrary File Upload via User SID Manipulation
May 12, 2022
CVSS 8.2
EPSS 0.01
CVE-2021-27770 MEDIUM
HCL Sametime - Server-Side Request Forgery via FaviconService Base64-Encoded URL
May 12, 2022
CVSS 6.8
EPSS 0.01
CVE-2021-27769 MEDIUM
Information Disclosure - Info Disclosure
May 12, 2022
CVSS 5.3
EPSS 0.01
CVE-2021-27768 MEDIUM
HCL Verse < 12.0.9 - Improper Certificate Validation
May 12, 2022
CVSS 6.3
EPSS 0.00
CVE-2021-27767 MEDIUM
BigFix Console - Privilege Escalation
May 06, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-27766 MEDIUM
BigFix Client - Privilege Escalation
May 06, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-27765 MEDIUM
BigFix Server API - Privilege Escalation
May 06, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-27764 HIGH
HCL BigFix WebUI - Insecure Cookie Permission Assignment
May 06, 2022
CVSS 7.4
EPSS 0.01
CVE-2021-27762 MEDIUM
Misconfigured Security Headers - Info Disclosure
May 06, 2022
CVSS 4.7
EPSS 0.01
CVE-2021-27761 MEDIUM
Web Transport Security - Info Disclosure
May 06, 2022
CVSS 4.8
EPSS 0.00
CVE-2021-27760 MEDIUM
Notes 11.0-11.0.1 FP4 - Authenticated RCE
May 06, 2022
CVSS 4.6
EPSS 0.01
CVE-2021-27759 LOW
HCLTech BigFix Inventory 9.0 through 10.0.7.0 - Cross-Site Request Forgery
May 06, 2022
CVSS 2.3
EPSS 0.00
CVE-2021-27758 MEDIUM
Login Form - Cross-Site Request Forgery
May 06, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-27756 HIGH
BigFix Compliance <v2.0.5 - Info Disclosure
Mar 04, 2022
CVSS 7.5
EPSS 0.01