Vulnerabilities > CVE-2020-14247 - Insufficient Session Expiration vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
hcltechsw
CWE-613
NVD
Published: 2021-02-04
Updated: 2021-02-09

Summary

HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.

Vulnerable Configurations

Part Description Count
Application
Hcltechsw
3

Common Weakness Enumeration (CWE)

References