Shodan
Vulnerabilities
Vulnerable Software
Hcltech:  Security Vulnerabilities
CVE-2020-4085
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user."
CVSS Score
6.5
EPSS Score
0.003
Published
2020-04-22
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."
CVSS Score
7.5
EPSS Score
0.004
Published
2020-04-21
CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
CVSS Score
8.2
EPSS Score
0.005
Published
2020-04-07
CVE-2019-4393
HCL AppScan Standard is vulnerable to excessive authorization attempts
CVSS Score
9.8
EPSS Score
0.004
Published
2020-04-07
CVE-2020-4084
HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-03-09
CVE-2020-4082
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-03-05
CVE-2020-4083
HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user.
CVSS Score
5.5
EPSS Score
0.001
Published
2020-03-05
CVE-2019-4301
BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.
CVSS Score
8.4
EPSS Score
0.005
Published
2020-02-28
CVE-2019-4392
HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-02-14
CVE-2019-4388
HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.
CVSS Score
4.8
EPSS Score
0.002
Published
2019-12-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved