Hcltech: Security Vulnerabilities
File upload vulnerability in HCL Technologies Ltd. Unica 12.0.0.
CVSS Score
6.3
EPSS Score
0.0
Published
2025-11-28
HCL Connections is vulnerable to a sensitive information disclosure vulnerability which could allow a user to obtain sensitive information they are not entitled to, caused by improper rendering of application data.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-11-18
HCL iAutomate v6.5.1 and v6.5.2 is susceptible to a sensitive information disclosure. An HTTP GET method is used to process a request and includes sensitive information in the query string of that request. An attacker could potentially access information or resources they were not intended to see.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-05
HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage which could allow an attacker to access other computers or applications.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
HCL Unica Platform is affected by unprotected files due to improper access controls. These files may contain sensitive information such as private or system information that can be exploited by attackers to compromise the application, infrastructure, or users.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-13
HCL Unica Platform is impacted by misconfigured security related HTTP headers. This can lead to less secure browser default treatment for the policies controlled by these headers.
CVSS Score
3.5
EPSS Score
0.0
Published
2025-10-12