9.0.3.14

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

hcltech

CWE-1021

NVD

Published: 2020-07-07

Updated: 2020-07-15

Summary

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."

Vulnerable Configurations

Part	Description	Count
Application	Hcltech Hcltech Appscan 9.0.3.14 Hcltech Appscan 10.0.0	2

Common Weakness Enumeration (CWE)

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080572
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080572&sys_kb_id=3668a078dbb9101855f38d6d13961955