Vulnerabilities > Hcltech
|2022-06-09||CVE-2021-27786|| Incorrect Comparison vulnerability in Hcltech Onetest Server 10.0/10.1/10.2 |
Cross-origin resource sharing (CORS) enables browsers to perform cross domain requests in a controlled manner.
| 6.8 |
|2022-06-01||CVE-2021-27778|| Cross-site Scripting vulnerability in Hcltech Traveler 10.0.0.0/184.108.40.206 |
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web pages.
| 3.5 |
|2022-05-27||CVE-2021-27780|| Unspecified vulnerability in Hcltech Bigfix Mobile and Modern Client Management |
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
| 5.0 |
|2022-05-27||CVE-2021-27781|| Cross-site Scripting vulnerability in Hcltech Bigfix Mobile and Modern Client Management |
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
| 3.5 |
|2022-05-25||CVE-2021-27779|| Missing Encryption of Sensitive Data vulnerability in Hcltech Versionvault Express 2.0.1 |
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.
| 6.4 |
|2022-05-25||CVE-2021-27783|| Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management |
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
| 4.0 |
|2022-05-19||CVE-2020-4107|| Unspecified vulnerability in Hcltech Domino 10.0/11.0/9.0 |
HCL Domino is affected by an Insufficient Access Control vulnerability.
| 4.6 |
|2022-05-12||CVE-2021-27768|| Improper Certificate Validation vulnerability in Hcltech Verse |
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted.
| 4.3 |
|2022-05-12||CVE-2021-27769|| Exposure of Resource to Wrong Sphere vulnerability in Hcltech Sametime 11.6 |
Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system.
| 5.0 |
|2022-05-12||CVE-2021-27770|| Exposure of Resource to Wrong Sphere vulnerability in Hcltech Sametime 11.6 |
The vulnerability was discovered within the “FaviconService”.
| 6.8 |