82 matches found
CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data...
CVE-2019-4326
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."...
CVE-2024-30143
HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...
CVE-2024-30143 A path traversal vulnerability in HCL AppScan Traffic Recorder
HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or take over the application or the computer where the application is...
CVE-2024-30143
CVE-2024-30143 describes a path traversal vulnerability in the HCL AppScan Traffic Recorder. The root cause is failure to adequately neutralize special characters in filenames, which could allow resolution beyond restricted directories and potentially enable disruption or takeover of the applicat...
CVE-2024-30149
HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
CVE-2024-30149 HCL AppScan Source is affected by an expired TLS/SSL certificate
HCL AppScan Source <= 10.6.0 does not properly validate a TLS/SSL certificate for an executable...
CVE-2024-30149
CVE-2024-30149 affects HCL AppScan Source versions 10.6.0 and earlier, with a root cause of improper validation of a TLS/SSL certificate for an executable. Public sources consistently state the issue in the AppScan Source
HCL AppScan security vulnerability
HCL AppScan is a suite of dynamic analysis testing tools from HCL Corporation, USA, which is primarily used for Web security testing. A security vulnerability exists in HCL AppScan version 10.6.0 and prior versions that stems from not properly validating the TLS/SSL certificate of an executable...
PT-2024-23213 · Hcl · Hcl Appscan Source
Name of the Vulnerable Software and Affected Versions: HCL AppScan Source versions 10.6.0 and below Description: The issue is related to improper validation of a TLS/SSL certificate for an executable. This could potentially lead to security risks if exploited. Recommendations: For HCL AppScan...
CVE-2023-37537
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...
Design/Logic Flaw
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...
CVE-2023-37537 HCL AppScan Presence deployed as Windows service might be vulnerable to an Unquoted Service Path vulnerability
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges...
CVE-2023-37537
CVE-2023-37537 concerns an unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC). The underlying issue is an unquoted service path that can be abused by a local attacker to gain elevated privileges. The CVSS metrics shown (LOCAL ...