Shodan
Vulnerabilities
Vulnerable Software
Hcltech:  Security Vulnerabilities
CVE-2025-52658
HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could be exploited.
CVSS Score
3.5
EPSS Score
0.001
Published
2025-10-03
CVE-2025-52653
HCL MyXalytics product is affected by Cross Site Scripting vulnerability in the web application. This can allow the execution of unauthorized scripts, potentially resulting in unauthorized actions or access.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-10-03
CVE-2025-31972
HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-08-28
CVE-2025-31977
HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms.  An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-28
CVE-2025-31988
HCL Digital Experience is susceptible to cross site scripting (XSS) in an administrative UI with restricted access.
CVSS Score
4.9
EPSS Score
0.001
Published
2025-08-19
CVE-2025-52618
HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-08-15
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform.
CVSS Score
5.3
EPSS Score
0.001
Published
2025-08-15
CVE-2025-52620
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the submitted image format.
CVSS Score
4.3
EPSS Score
0.001
Published
2025-08-15
CVE-2025-52621
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning.  The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-08-15
CVE-2025-31961
HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-08-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved