Hcltechsw: >> Onetest Performance >> 9.5.0 Security Vulnerabilities
HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources.
CVSS Score
9.8
EPSS Score
0.004
Published
2021-02-04
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials.
CVSS Score
7.5
EPSS Score
0.001
Published
2021-02-04
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.
CVSS Score
6.5
EPSS Score
0.002
Published
2021-02-04