Vulnerabilities > Hcltechsw > HCL Commerce > 9.1.9

DATE CVE VULNERABILITY TITLE RISK
2022-12-12 CVE-2022-38656 Unspecified vulnerability in Hcltechsw HCL Commerce 9.1.8/9.1.9
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.
network
low complexity
hcltechsw
critical
9.8
2022-07-30 CVE-2021-27785 Insufficiently Protected Credentials vulnerability in Hcltechsw HCL Commerce
HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information.
local
low complexity
hcltechsw CWE-522
5.0