Vulnerabilities > Hcltechsw
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-21 | CVE-2022-42454 | Unspecified vulnerability in Hcltechsw Bigfix Insights for vulnerability Remediation Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure.? This requires privileged network access. | 5.3 |
| 2022-12-21 | CVE-2022-44756 | Improper Input Validation vulnerability in Hcltechsw Bigfix Insights for vulnerability Remediation Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. | 6.5 |
| 2022-12-12 | CVE-2022-38656 | Unspecified vulnerability in Hcltechsw HCL Commerce 9.1.8/9.1.9 HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes. | 9.8 |
| 2022-12-12 | CVE-2022-38661 | Unspecified vulnerability in Hcltechsw HCL Workload Automation HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash. | 7.1 |
| 2022-12-12 | CVE-2022-42445 | Unspecified vulnerability in Hcltechsw HCL Launch HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. | 4.9 |
| 2022-08-03 | CVE-2022-27551 | Incorrect Authorization vulnerability in Hcltechsw HCL Launch HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking. | 6.5 |
| 2022-07-30 | CVE-2021-27785 | Insufficiently Protected Credentials vulnerability in Hcltechsw HCL Commerce HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. | 5.0 |
| 2022-07-06 | CVE-2022-27548 | Insufficiently Protected Credentials vulnerability in Hcltechsw HCL Launch 7.0.5.10/7.1.2.6/7.2.2.1 HCL Launch stores user credentials in plain clear text which can be read by a local user. | 5.5 |
| 2022-07-06 | CVE-2022-27549 | Cleartext Storage of Sensitive Information vulnerability in Hcltechsw HCL Launch 7.0.5.10/7.1.2.6/7.2.2.1 HCL Launch may store certain data for recurring activities in a plain text format. | 5.5 |
| 2022-05-06 | CVE-2021-27751 | Insufficient Session Expiration vulnerability in Hcltechsw HCL Commerce HCL Commerce is affected by an Insufficient Session Expiration vulnerability. | 3.3 |