Vulnerabilities > Hcltech > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-27 CVE-2024-23586 Insufficient Session Expiration vulnerability in Hcltech HCL Nomad
HCL Nomad is susceptible to an insufficient session expiration vulnerability.
network
low complexity
hcltech CWE-613
7.5
7.5
2024-07-08 CVE-2024-23562 Unspecified vulnerability in Hcltech Domino 11.0/12.0/14.0
A security vulnerability in HCL Domino could allow disclosure of sensitive configuration information.
network
low complexity
hcltech
7.5
7.5
2024-02-10 CVE-2023-45696 Unspecified vulnerability in Hcltech Sametime 11.6/12.0
Sametime is impacted by sensitive fields with autocomplete enabled in the Legacy web chat client.
network
low complexity
hcltech
7.5
7.5
2024-02-09 CVE-2023-45718 Session Fixation vulnerability in Hcltech Sametime 11.6/12.0
Sametime is impacted by a failure to invalidate sessions.
network
low complexity
hcltech CWE-384
7.5
7.5
2024-02-09 CVE-2023-50349 Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability.
network
low complexity
hcltech CWE-352
8.8
8.8
2024-01-30 CVE-2023-37518 Code Injection vulnerability in Hcltech Bigfix Servicenow Data Flow 1.2
HCL BigFix ServiceNow is vulnerable to arbitrary code injection.
network
low complexity
hcltech CWE-94
8.8
8.8
2024-01-03 CVE-2023-50341 Unspecified vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1
HCL DRYiCE MyXalytics is impacted by Improper Access Control (Obsolete web pages) vulnerability.
network
low complexity
hcltech
7.5
7.5
2024-01-03 CVE-2023-50350 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Dryice Myxalytics 5.9/6.0/6.1
HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information.
network
low complexity
hcltech CWE-327
7.5
7.5
2023-10-18 CVE-2023-37502 Unrestricted Upload of File with Dangerous Type vulnerability in Hcltech HCL Compass
HCL Compass is vulnerable to lack of file upload security.
network
low complexity
hcltech CWE-434
8.8
8.8
2023-10-17 CVE-2023-37537 Unquoted Search Path or Element vulnerability in Hcltech Appscan Presence 2.1.37
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges.
local
low complexity
hcltech CWE-428
7.8
7.8