hcltech

395 tracked vulnerabilities.

CVE-2020-4084 MEDIUM
HCL Connections 5.5, 6.0, 6.5 - Stored Cross-Site Scripting
Mar 09, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-4083 MEDIUM
HCL Connections 6.5 - Sensitive Information Disclosure via Trace Logs
Mar 05, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-4082 MEDIUM
HCL Connections 5.5 - Cross-Site Scripting in Help System
Mar 05, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-4326 HIGH
HCL AppScan Enterprise - Info Disclosure
Oct 06, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-4325 MEDIUM
HCL AppScan Enterprise - Info Disclosure
Oct 06, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-4091 MEDIUM
HCL Marketing Platform 10.1.0-10.1.0.3 - Stored Cross-Site Scripting in User Addition and Search
Jul 17, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-4090 MEDIUM
HCL Marketing Campaign 10.1.0-10.1.0.2 - Stored Cross-Site Scripting in Campaign Description Field
Jul 17, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-4324 MEDIUM
HCL AppScan Enterprise < 10.0.0 - Cross-Site Scripting via Crafted Test Policy Import
Jul 07, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-4323 MEDIUM
HCL AppScan < 10.0.0 - Clickjacking via API Documentation
Jul 07, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-4209 MEDIUM
HCL Connections 5.5, 6.0, 6.5 - Open Redirect
May 01, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-4327 HIGH
HCL AppScan Enterprise - Info Disclosure
Apr 21, 2020
CVSS 7.5
EPSS 0.00
CVE-2019-4393 CRITICAL
HCL AppScan Standard < 10.0.0 - Improper Restriction of Excessive Authentication Attempts
Apr 07, 2020
CVSS 9.8
EPSS 0.00
CVE-2019-4391 HIGH
HCL AppScan Standard < 9.0.3.14 - XML External Entity Injection
Apr 07, 2020
CVSS 8.2
EPSS 0.01
CVE-2019-4301 HIGH
BigFix Self-Service Application - Remote Code Execution via Running Message or Post Message HTML
Feb 28, 2020
CVSS 8.4
EPSS 0.01
CVE-2019-4392 CRITICAL
HCL AppScan <9.0.3.13 - Privilege Escalation
Feb 14, 2020
CVSS 9.8
EPSS 0.00
CVE-2019-4388 MEDIUM
HCL AppScan Source < 9.0.3.13 - Stored Cross-Site Scripting in Web UI
Dec 18, 2019
CVSS 4.8
EPSS 0.00
CVE-2019-4409 MEDIUM
HCL Traveler < 10.0.0.0 - Cross-Site Scripting via Problem Report File Attachment Error Message
Oct 18, 2019
CVSS 5.4
EPSS 0.00
CVE-2019-16188 HIGH
HCL AppScan Source < 9.03.13 - XML External Entity Injection via .ozasmt File Import
Sep 25, 2019
CVSS 7.1
EPSS 0.00
CVE-2018-11518 HIGH
HCL Legacy IVR Firmware - Phreaking Attack via Predictable DTMF Signal Replay
May 30, 2018
CVSS 8.1
EPSS 0.01
CVE-2017-1712 MEDIUM
HCL Domino < 9.0.1 - Inadequate Encryption Strength via TLS Protocol Implementation
Jul 01, 2020
CVSS 5.9
EPSS 0.00
Products
bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4
Quick Filters
Critical CVEs With Exploits In CISA KEV