Vulnerabilities > Hcltech

DATE CVE VULNERABILITY TITLE RISK
2023-08-03 CVE-2023-37498 Unspecified vulnerability in Hcltech Unica
A user is capable of assigning him/herself to arbitrary groups by reusing a POST request issued by an administrator.
network
low complexity
hcltech
8.8
8.8
2023-08-03 CVE-2023-37499 Cross-site Scripting vulnerability in Hcltech Unica
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out in a certain field of the Unica Platform.
network
low complexity
hcltech CWE-79
6.1
6.1
2023-08-03 CVE-2023-37500 Cross-site Scripting vulnerability in Hcltech Unica
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform.
network
low complexity
hcltech CWE-79
6.1
6.1
2023-08-01 CVE-2023-37496 Cross-site Scripting vulnerability in Hcltech Verse
HCL Verse is susceptible to a Stored Cross Site Scripting (XSS) vulnerability.
network
low complexity
hcltech CWE-79
5.4
5.4
2023-07-27 CVE-2023-28012 Command Injection vulnerability in Hcltech Bigfix Mobile 3.0
HCL BigFix Mobile is vulnerable to a command injection attack.
network
low complexity
hcltech CWE-77
8.8
8.8
2023-07-27 CVE-2023-28014 Cross-site Scripting vulnerability in Hcltech Bigfix Mobile 3.0
HCL BigFix Mobile is vulnerable to a cross-site scripting attack.
network
low complexity
hcltech CWE-79
5.4
5.4
2023-07-26 CVE-2023-28013 Cross-site Scripting vulnerability in Hcltech Verse
HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability.
network
low complexity
hcltech CWE-79
6.1
6.1
2023-07-18 CVE-2023-28023 Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Webui 14/20/44
A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network). 
network
low complexity
hcltech CWE-352
6.5
6.5
2023-07-18 CVE-2023-28020 Open Redirect vulnerability in Hcltech Bigfix Webui
 URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.
network
low complexity
hcltech CWE-601
6.1
6.1
2023-07-18 CVE-2023-28021 Inadequate Encryption Strength vulnerability in Hcltech Bigfix Webui
The BigFix WebUI uses weak cipher suites.
network
low complexity
hcltech CWE-326
7.5
7.5