Vulnerabilities > Hcltech

DATE CVE VULNERABILITY TITLE RISK
2022-12-24 CVE-2022-38658 Missing Encryption of Sensitive Data vulnerability in Hcltech Bigfix Server Automation
BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator's sensitive data in clear text.
network
low complexity
hcltech CWE-311
7.5
2022-12-21 CVE-2022-38655 Unspecified vulnerability in Hcltech Bigfix Webui 20
BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.
network
low complexity
hcltech
5.8
2022-12-19 CVE-2022-38653 Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5
In HCL Digital Experience, customized XSS payload can be constructed such that it is served in the application unencoded.
network
low complexity
hcltech CWE-79
5.4
2022-12-19 CVE-2022-38659 Inadequate Encryption Strength vulnerability in Hcltech Bigfix Platform
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.
local
low complexity
hcltech CWE-326
7.8
2022-12-19 CVE-2022-38662 Open Redirect vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5
 In HCL Digital Experience, URLs can be constructed to redirect users to untrusted sites.
network
low complexity
hcltech CWE-601
6.1
2022-12-19 CVE-2022-42453 Improper Authentication vulnerability in Hcltech Bigfix Platform
There are insufficient warnings when a Fixlet is imported by a user.
network
low complexity
hcltech CWE-287
6.5
2022-12-19 CVE-2022-44750 Out-of-bounds Write vulnerability in Hcltech Domino 9.0/9.0.1
HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
local
low complexity
hcltech CWE-787
7.8
2022-12-19 CVE-2022-44751 Out-of-bounds Write vulnerability in Hcltech Notes 10.0.1/9.0.1
HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView.
local
low complexity
hcltech CWE-787
7.8
2022-12-19 CVE-2022-44752 Out-of-bounds Write vulnerability in Hcltech Domino 9.0/9.0.1
HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView.
local
low complexity
hcltech CWE-787
7.8
2022-12-19 CVE-2022-44753 Out-of-bounds Write vulnerability in Hcltech Notes 10.0.1/9.0.1
HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView.
local
low complexity
hcltech CWE-787
7.8