Vulnerabilities > Hcltech > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-12 | CVE-2021-27768 | Improper Certificate Validation vulnerability in Hcltech Verse Using the ability to perform a Man-in-the-Middle (MITM) attack, which indicates a lack of hostname verification, sensitive account information was able to be intercepted. | 5.9 |
| 2022-05-12 | CVE-2021-27769 | Unspecified vulnerability in Hcltech Sametime 11.6 Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. | 5.3 |
| 2022-05-12 | CVE-2021-27772 | Unspecified vulnerability in Hcltech Sametime 11.6 Users are able to read group conversations without actively taking part in them. | 6.5 |
| 2022-05-12 | CVE-2021-27773 | Improper Restriction of Rendered UI Layers or Frames vulnerability in Hcltech Sametime 11.6 This vulnerability allows users to execute a clickjacking attack in the meeting's chat. | 4.3 |
| 2022-05-06 | CVE-2021-27758 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Inventory There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account. | 6.5 |
| 2022-05-06 | CVE-2021-27759 | Insufficient Verification of Data Authenticity vulnerability in Hcltech Bigfix Inventory This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. | 6.5 |
| 2022-05-06 | CVE-2021-27760 | Unspecified vulnerability in Hcltech HCL Inotes 11.0.0/11.0.1 An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. | 5.5 |
| 2022-05-06 | CVE-2021-27764 | Incorrect Permission Assignment for Critical Resource vulnerability in Hcltech Bigfix Webui Cookie without HTTPONLY flag set. | 6.5 |
| 2022-02-21 | CVE-2021-27753 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android PathTraversal Vulnerability" | 5.5 |
| 2022-02-21 | CVE-2021-27755 | Path Traversal vulnerability in Hcltech HCL Sametime "Sametime Android potential path traversal vulnerability when using File class" | 5.5 |