Vulnerabilities > Hcltechsw > Onetest Performance
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-04 | CVE-2020-14247 | Insufficient Session Expiration vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0 HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID. | 6.4 |
| 2021-02-04 | CVE-2020-14246 | Insufficiently Protected Credentials vulnerability in Hcltechsw Onetest Performance 10.0.0/10.1.0/9.5.0 HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. | 5.0 |
| 2021-02-04 | CVE-2020-14245 | Improper Authentication vulnerability in Hcltechsw Onetest Performance HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources. | 7.5 |