Appscan Security Vulnerabilities - 2020


CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."

4.3 CVSS

4.5 AI Score

0.001 EPSS

2020-07-07 03:15 PM
21

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."

6.1 CVSS

6 AI Score

0.001 EPSS

2020-07-07 03:15 PM
25

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

5.3 CVSS

5.3 AI Score

0.001 EPSS

2020-10-06 06:15 PM
30

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."

7.5 CVSS

7.6 AI Score

0.002 EPSS

2020-10-06 06:15 PM
34

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."

7.5 CVSS

7.5 AI Score

0.002 EPSS

2020-04-21 07:15 PM
25

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

8.2 CVSS

8.3 AI Score

0.002 EPSS

2020-04-07 04:15 PM
26

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.

9.8 CVSS

9.3 AI Score

0.002 EPSS

2020-02-14 10:15 PM
104

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts

9.8 CVSS

9.3 AI Score

0.002 EPSS

2020-04-07 04:15 PM
24