12 matches found
EUVD-2020-6400
Malware in sbrugna...
EUVD-2020-6399
Malware in sbrugna...
CVE-2020-14247
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
CVE-2020-14247
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID...
CVE-2020-14246
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
Design/Logic Flaw
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID...
Authentication flaw
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials...
CVE-2020-14246
The CVE-2020-14246 entry concerns HCL OneTest Performance (V9.5, V10.0, V10.1) using basic authentication, which can be decoded to reveal credentials. The affected software is HCL OneTest Performance; the root cause is weak basic authentication. Practical impact states that an attacker could deco...
CVE-2020-14247
Summary: CVE-2020-14247 affects HCL OneTest Performance versions 9.5, 10.0 and 10.1. The vulnerability arises from an inadequate session timeout, which could allow an attacker to guess and reuse a valid session ID. What’s affected: HCL OneTest Performance (V9.5, V10.0, V10.1). Root cause: Inadequ...
CVE-2020-14247
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID...