Hcltech: Security Vulnerabilities
The HCL Traveler for Microsoft Outlook executable (HTMO.exe) is being flagged as potentially Malicious Software or an Unrecognized Application.
CVSS Score
6.7
EPSS Score
0.002
Published
2024-09-26
HCL Nomad server on Domino is affected by an open proxy vulnerability in which an unauthenticated attacker can mask their original source IP address. This may enable an attacker to trick the user into exposing sensitive information.
CVSS Score
8.6
EPSS Score
0.004
Published
2024-09-25
HCL Nomad server on Domino is vulnerable to the cache containing sensitive information which could potentially give an attacker the ability to acquire the sensitive information.
CVSS Score
3.7
EPSS Score
0.003
Published
2024-07-19
HCL BigFix Compliance is affected by a missing X-Frame-Options HTTP header which can allow an attacker to create a malicious website that embeds the target website in a frame or iframe, tricking users into performing actions on the target website without their knowledge.
CVSS Score
4.7
EPSS Score
0.005
Published
2024-07-18
HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.
CVSS Score
6.2
EPSS Score
0.001
Published
2024-07-18
A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information. A remote unauthenticated attacker could exploit this vulnerability to obtain information to launch further attacks against the affected system.
CVSS Score
5.3
EPSS Score
0.009
Published
2024-07-08
HCL Nomad server on Domino fails to properly handle users configured with limited Domino access resulting in a possible denial of service vulnerability.
CVSS Score
5.3
EPSS Score
0.001
Published
2024-07-05
HCL DRYiCE AEX is potentially impacted by disclosure of sensitive information in the mobile application when a snapshot is taken.
CVSS Score
3.3
EPSS Score
0.004
Published
2024-06-28
HCL DRYiCE
AEX product is impacted by lack of input validation vulnerability in a particular web application. A malicious script can be injected into a system which
can cause the system to behave in unexpected ways.
CVSS Score
3.7
EPSS Score
0.004
Published
2024-06-28
HCL DRYiCE AEX product is impacted by Missing
Root Detection vulnerability in the mobile application. The mobile app can be installed in the rooted
device due to which malicious users can gain unauthorized access to the rooted
devices, compromising security and potentially leading to data breaches or
other malicious activities.
CVSS Score
3.3
EPSS Score
0.004
Published
2024-06-28