hcltech

395 tracked vulnerabilities.

CVE-2024-30154 MEDIUM
HCL SX - Cross-Site Request Forgery
Mar 03, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-30150 MEDIUM
HCL MyCloud - Unauthenticated Privilege Escalation and Information Disclosure
Feb 25, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-23563 LOW
HCL Connections Docs - Exposure of Sensitive Information via Improper Request Handling
Feb 12, 2025
CVSS 3.9
EPSS 0.00
CVE-2024-42207 MEDIUM
HCL iAutomate - Session Fixation
Feb 05, 2025
CVSS 5.5
EPSS 0.00
CVE-2024-42181 LOW
HCL MyXalytics - Cleartext Transmission of Sensitive Information
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42180 LOW
HCL MyXalytics - Unrestricted Upload of File with Dangerous Type
Jan 12, 2025
CVSS 1.6
EPSS 0.00
CVE-2024-42179 LOW
HCL MyXalytics - Sensitive Information Exposure via HTTP Response Header
Jan 12, 2025
CVSS 2.0
EPSS 0.00
CVE-2024-42175 LOW
HCL MyXalytics - Improper Input Validation
Jan 11, 2025
CVSS 2.6
EPSS 0.00
CVE-2024-42174 LOW
HCL MyXalytics - Username Enumeration via Observable Response Discrepancy
Jan 11, 2025
CVSS 3.7
EPSS 0.00
CVE-2024-42173 MEDIUM
HCL MyXalytics - Weak Password Requirements
Jan 11, 2025
CVSS 4.8
EPSS 0.00
CVE-2024-42172 MEDIUM
HCL MyXalytics - Insufficiently Protected Credentials
Jan 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2024-42171 MEDIUM
HCL MyXalytics - Session Fixation via Crafted URL
Jan 11, 2025
CVSS 6.4
EPSS 0.00
CVE-2024-42170 MEDIUM
HCL MyXalytics - Session Fixation via Crafted URL Session Token
Jan 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2024-42169 HIGH
HCL MyXalytics - Authorization Bypass via Insecure Direct Object Reference
Jan 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2024-42168 HIGH
HCL MyXalytics - Out-of-Band Resource Load via HTTP
Jan 11, 2025
CVSS 8.9
EPSS 0.00
CVE-2024-42188 LOW
HCL Connections - Unauthenticated Broken Access Control
Nov 14, 2024
CVSS 3.7
EPSS 0.00
CVE-2024-30133 MEDIUM
HCL Traveler for Microsoft Outlook - Control Flow Vulnerability
Nov 12, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-30142 LOW
HCL BigFix Compliance - Info Disclosure
Nov 07, 2024
CVSS 3.8
EPSS 0.00
CVE-2024-30141 MEDIUM
HCL BigFix Compliance - Info Disclosure
Nov 07, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-30140 MEDIUM
HCL BigFix Compliance - Open Redirect
Nov 07, 2024
CVSS 5.4
EPSS 0.00
CVE-2024-30149 MEDIUM
HCL AppScan Source <= 10.6.0 - Info Disclosure
Oct 31, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-30106 LOW
HCL Connections - Exposure of Sensitive Information via IBM WebSphere Request Handling
Oct 28, 2024
CVSS 3.5
EPSS 0.00
CVE-2024-30124 MEDIUM
HCL Sametime < 12.0.2 - Insecure Default REST Service Endpoint
Oct 23, 2024
CVSS 4.0
EPSS 0.00
CVE-2024-30122 MEDIUM
HCL Sametime < 12.0.2 - Insecure Storage of Sensitive Information via Missing Security Headers
Oct 23, 2024
CVSS 5.8
EPSS 0.00
CVE-2024-30117 LOW
HCL BigFix Platform 9.5-9.5.25 - Uncontrolled Search Path Element
Oct 14, 2024
CVSS 2.5
EPSS 0.00
Products
bigfix_platform 33 dryice_myxalytics 31 aion 29 connections 22 domino 22 bigfix_service_management 18 aftermarket_cloud 17 sametime 17 unica 17 hcl_leap 11 notes 11 bigfix_mobile 10 bigfix_compliance 9 domino_leap 9 appscan 8 digital_experience 8 bigfix_webui 7 hcl_inotes 7 bigfix_modern_client_management 6 dryice_iautomate 6 traveler 6 bigfix_insights_for_vulnerability_remediation 5 dfxanalytics 5 intelliops_event_management 5 traveler_for_microsoft_outlook 5 verse 5 bigfix_saas 4 dryice_aex 4 hcl_compass 4 hcl_digital_experience 4
Quick Filters
Critical CVEs With Exploits In CISA KEV