Vulnerabilities > Hcltech

DATE CVE VULNERABILITY TITLE RISK
2022-05-25 CVE-2021-27779 Missing Encryption of Sensitive Data vulnerability in Hcltech Versionvault Express 2.0.1
VersionVault Express exposes sensitive information that an attacker can use to impersonate the server or eavesdrop on communications with the server.
network
low complexity
hcltech CWE-311
critical
9.1
2022-05-25 CVE-2021-27783 Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Mobile and Bigfix Modern Client Management
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
network
low complexity
hcltech CWE-311
6.5
2022-05-19 CVE-2020-4107 Unspecified vulnerability in Hcltech Domino 10.0/11.0/9.0
HCL Domino is affected by an Insufficient Access Control vulnerability.
local
low complexity
hcltech
7.8
2022-05-12 CVE-2021-27768 Improper Certificate Validation vulnerability in Hcltech Verse
Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted.
network
high complexity
hcltech CWE-295
5.9
2022-05-12 CVE-2021-27769 Unspecified vulnerability in Hcltech Sametime 11.6
Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system.
network
low complexity
hcltech
5.3
2022-05-12 CVE-2021-27770 Unspecified vulnerability in Hcltech Sametime 11.6
The vulnerability was discovered within the “FaviconService”.
network
low complexity
hcltech
8.8
2022-05-12 CVE-2021-27771 Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech Sametime 11.6
User SID can be modified resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service.
network
low complexity
hcltech CWE-434
7.6
2022-05-12 CVE-2021-27772 Unspecified vulnerability in Hcltech Sametime 11.6
Users are able to read group conversations without actively taking part in them.
network
low complexity
hcltech
6.5
2022-05-12 CVE-2021-27773 Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime 11.6
This vulnerability allows users to execute a clickjacking attack in the meeting's chat.
network
low complexity
hcltech CWE-1021
4.3
2022-05-12 CVE-2021-27777 XXE vulnerability in Hcltech Unica
XML External Entity (XXE) injection vulnerabilities occur when poorly configured XML parsers process user supplied input without sufficient validation.
network
low complexity
hcltech CWE-611
7.5