Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-77862
HistoryMay 16, 2022 - 12:00 a.m.

HCL Technologies HCL Verse Information Disclosure Vulnerability

2022-05-1600:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
hcl technologies
verse
information disclosure
android
ssl certificate
vulnerability
attack
server setup
mitm

EPSS

0.001

Percentile

38.6%

JSON

HCL Technologies HCL Verse is a mobile application from HCL Technologies India that allows access to emails and life plan management.A security vulnerability exists in versions of HCL Technologies HCL Verse for Android prior to version 12.0.9, which stems from a server setup and login process in the application The vulnerability stems from hostname and SSL certificate validation issues during the server setup and login process, which can be exploited by attackers to spoof trusted entities through the use of a man-in-the-middle (MITM) attack.

Related

cve 1
nvd 1
prion 1
cvelist 1
cve
cve
CVE-2021-27768
2022-05-12 22:15:11
nvd
nvd
CVE-2021-27768
2022-05-12 22:15:11
prion
prion
Code injection
2022-05-12 22:15:00
cvelist
cvelist
CVE-2021-27768 An SSL certificate host verification vulnerability affects HCL Verse for Android
2022-05-12 21:25:22

EPSS

0.001

Percentile

38.6%

JSON
Related for CNVD-2022-77862
cve1nvd1prion1cvelist1