Shodan
Vulnerabilities
Vulnerable Software
Hcltech:  Security Vulnerabilities
CVE-2023-37541
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-06-25
CVE-2023-37539
The Domino Catalog template is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability. An attacker with the ability to edit documents in the catalog application/database created from this template can embed a cross site scripting attack. The attack would be activated by an end user clicking it.
CVSS Score
8.4
EPSS Score
0.002
Published
2024-06-06
CVE-2024-23554
Cross-Site Request Forgery (CSRF) on Session Token vulnerability that could potentially lead to Remote Code Execution (RCE).
CVSS Score
5.7
EPSS Score
0.005
Published
2024-05-18
CVE-2024-23556
SSL/TLS Renegotiation functionality potentially leading to DoS attack vulnerability.
CVSS Score
5.9
EPSS Score
0.003
Published
2024-05-18
CVE-2024-23583
An attacker could potentially intercept credentials via the task manager and perform unauthorized access to the Client Deploy Tool on Windows systems.
CVSS Score
6.7
EPSS Score
0.001
Published
2024-05-17
CVE-2024-30107
HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.
CVSS Score
3.5
EPSS Score
0.003
Published
2024-04-18
CVE-2024-23557
HCL Connections contains a user enumeration vulnerability. Certain actions could allow an attacker to determine if the user is valid or not, leading to a possible brute force attack.
CVSS Score
3.5
EPSS Score
0.004
Published
2024-04-18
CVE-2023-50347
HCL DRYiCE MyXalytics is impacted by an insecure SQL interface vulnerability, potentially giving an attacker the ability to execute custom SQL queries. A malicious user can run arbitrary SQL commands including changing system configuration.
CVSS Score
3.7
EPSS Score
0.004
Published
2024-04-10
CVE-2023-45705
An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.
CVSS Score
3.5
EPSS Score
0.002
Published
2024-03-28
CVE-2023-45706
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.
CVSS Score
2.0
EPSS Score
0.005
Published
2024-03-28


Products
Pricing
Contact Us

Shodan ® - All rights reserved