Vulnerabilities > CVE-2022-38656 - Unspecified vulnerability in Hcltechsw HCL Commerce 9.1.8/9.1.9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |