hcltech

410 tracked vulnerabilities.

CVE-2024-30152 MEDIUM
HCL SX v21 - Use of a Broken or Risky Cryptographic Algorithm
Apr 25, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30127 LOW
HCL Leap < 9.3.9 - Sensitive Data Exposure via Missing Cache Headers
Apr 24, 2025
CVSS 3.2
EPSS 0.00
CVE-2024-30147 MEDIUM
HCL Leap - Client-Side Code Injection
Apr 24, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-30114 LOW
HCL Leap < 9.3.6 - Stored Cross-Site Scripting in Authoring Environment
Apr 24, 2025
CVSS 3.7
EPSS 0.00
CVE-2024-30113 MEDIUM
HCL Leap < 9.3.6 - Stored Cross-Site Scripting via HTML Widget
Apr 24, 2025
CVSS 6.3
EPSS 0.00
CVE-2024-30148 MEDIUM
HCL Leap < 9.3.8 - Improper Access Control via Application Import Endpoint
Apr 24, 2025
CVSS 4.1
EPSS 0.00
CVE-2024-42178 LOW
HCL MyXalytics - Unauthenticated Information Disclosure via Unrestricted URL Access
Apr 17, 2025
CVSS 2.5
EPSS 0.00
CVE-2024-42177 LOW
HCL MyXalytics - Inadequate Encryption Strength via SSL/TLS Protocol
Apr 17, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-42193 HIGH
HCL BigFix Platform 10.0.0-10.0.12 - Improper Certificate Validation
Apr 15, 2025
CVSS 8.1
EPSS 0.00
CVE-2024-42200 MEDIUM
HCL BigFix Platform 10.0.0-10.0.12 - Stored Cross-Site Scripting in Web Reports
Apr 15, 2025
CVSS 5.4
EPSS 0.00
CVE-2024-42189 MEDIUM
HCL BigFix Platform 10.0.0-10.0.12 - Denial of Service via API Parameter
Apr 15, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-42208 LOW
HCL Connections - Exposure of Sensitive Information via Improper Request Handling
Apr 04, 2025
CVSS 3.5
EPSS 0.00
CVE-2024-30155 MEDIUM
HCL SX - Sensitive Cookie with Improper SameSite Attribute
Mar 26, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42176 LOW
HCL MyXalytics - Concurrent Login Vulnerability
Mar 19, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-30154 MEDIUM
HCL SX - Cross-Site Request Forgery
Mar 03, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-30150 MEDIUM
HCL MyCloud - Unauthenticated Privilege Escalation and Information Disclosure
Feb 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-23563 LOW
HCL Connections Docs - Exposure of Sensitive Information via Improper Request Handling
Feb 12, 2025
CVSS 3.9
EPSS 0.00
CVE-2024-42207 MEDIUM
HCL iAutomate - Session Fixation
Feb 05, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42181 LOW
HCL MyXalytics - Cleartext Transmission of Sensitive Information
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42180 LOW
HCL MyXalytics - Unrestricted Upload of File with Dangerous Type
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42179 LOW
HCL MyXalytics - Sensitive Information Exposure via HTTP Response Header
Jan 12, 2025
CVSS 2.0
EPSS 0.00
CVE-2024-42175 LOW
HCL MyXalytics - Improper Input Validation
Jan 11, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-42174 LOW
HCL MyXalytics - Username Enumeration via Observable Response Discrepancy
Jan 11, 2025
CVSS 3.7
EPSS 0.00
CVE-2024-42173 MEDIUM
HCL MyXalytics - Weak Password Requirements
Jan 11, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-42172 MEDIUM
HCL MyXalytics - Insufficiently Protected Credentials
Jan 11, 2025
CVSS 5.3
EPSS 0.00