Appscan@* Security Vulnerabilities and Issues — Appscan@* CVE List

Lucene search

HcltechAppscan*

8 matches found

CVE•added 2020/02/14 10:15 p.m.•119 views

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.

10CVSS9.3AI score0.00391EPSS

CVE•added 2020/10/06 6:15 p.m.•44 views

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."

7.5CVSS7.6AI score0.00322EPSS

CVE•added 2020/10/06 6:15 p.m.•41 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

5.3CVSS5.3AI score0.00111EPSS

CVE•added 2020/07/07 3:15 p.m.•39 views

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."

6.1CVSS6AI score0.00312EPSS

CVE•added 2020/04/07 4:15 p.m.•38 views

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

8.2CVSS8.3AI score0.00547EPSS

CVE•added 2020/04/07 4:15 p.m.•36 views

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts

9.8CVSS9.3AI score0.00351EPSS

CVE•added 2020/04/21 7:15 p.m.•35 views

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."

7.5CVSS7.5AI score0.00408EPSS

CVE•added 2020/07/07 3:15 p.m.•30 views

CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."

4.3CVSS4.5AI score0.0018EPSS