Hcltech: Security Vulnerabilities
HCL Digital Experience is susceptible to cross-site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL delivered through some mechanism (email, another web site).
CVSS Score
9.3
EPSS Score
0.002
Published
2023-10-11
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bounds access via an HTTP request.
CVSS Score
8.2
EPSS Score
0.011
Published
2023-10-11
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-11
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-10-11
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.
CVSS Score
4.6
EPSS Score
0.0
Published
2023-10-11
In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.
CVSS Score
4.0
EPSS Score
0.001
Published
2023-09-08
When the app is put into the background and the user goes to the iOS task switcher, the app snapshot is not blurred, which may reveal sensitive information.
CVSS Score
3.3
EPSS Score
0.001
Published
2023-08-11
When the app is put into the background and the user goes to the iOS task switcher, the app snapshot is not blurred, which may reveal sensitive information.
CVSS Score
3.3
EPSS Score
0.001
Published
2023-08-11
If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved.
CVSS Score
3.5
EPSS Score
0.002
Published
2023-08-11
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. 
CVSS Score
6.6
EPSS Score
0.001
Published
2023-08-10

