Vulnerabilities > Hcltech
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-04 | CVE-2021-27757 | Cleartext Storage of Sensitive Information vulnerability in Hcltech Bigfix Insights 10.0 " Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information." | 7.5 |
| 2022-02-21 | CVE-2021-27753 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android PathTraversal Vulnerability" | 5.5 |
| 2022-02-21 | CVE-2021-27755 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android potential path traversal vulnerability when using File class" | 5.5 |
| 2021-10-25 | CVE-2020-14264 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Traveler Companion "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" | 3.9 |
| 2021-10-21 | CVE-2020-14263 | Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Traveler Companion "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" | 3.9 |
| 2021-02-02 | CVE-2020-4081 | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). | 6.1 |
| 2021-02-02 | CVE-2020-14255 | Unspecified vulnerability in Hcltech Digital Experience 9.5 HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. | 7.5 |
| 2021-02-02 | CVE-2020-14221 | Unspecified vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. | 4.9 |
| 2020-12-28 | CVE-2020-14273 | Improper Input Validation vulnerability in Hcltech Domino 10.0.1/11.0.0/11.0.1 HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. | 7.5 |
| 2020-12-22 | CVE-2020-14270 | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |