Vulnerabilities > Hcltechsw > HCL Commerce > 9.1.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-12 | CVE-2022-38656 | Unspecified vulnerability in Hcltechsw HCL Commerce 9.1.8/9.1.9 HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes. | 9.8 |
| 2022-07-30 | CVE-2021-27785 | Insufficiently Protected Credentials vulnerability in Hcltechsw HCL Commerce HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. | 5.0 |