
8 matches found

Added 2020/02/14 10:15 p.m., 119 views

CVE-2019-4392

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.

CVSS 10 | AI score 9.3 | EPSS 0.00391
Added 2020/10/06 6:15 p.m., 44 views

CVE-2019-4326

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."

CVSS 7.5 | AI score 7.6 | EPSS 0.00322
Added 2020/10/06 6:15 p.m., 41 views

CVE-2019-4325

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

CVSS 5.3 | AI score 5.3 | EPSS 0.00111
Added 2020/07/07 3:15 p.m., 39 views

CVE-2019-4324

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."

CVSS 6.1 | AI score 6 | EPSS 0.00312
Added 2020/04/07 4:15 p.m., 38 views

CVE-2019-4391

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

CVSS 8.2 | AI score 8.3 | EPSS 0.00547
Added 2020/04/07 4:15 p.m., 36 views

CVE-2019-4393

HCL AppScan Standard is vulnerable to excessive authorization attempts

CVSS 9.8 | AI score 9.3 | EPSS 0.00351
Added 2020/04/21 7:15 p.m., 35 views

CVE-2019-4327

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."

CVSS 7.5 | AI score 7.5 | EPSS 0.00408
Added 2020/07/07 3:15 p.m., 30 views

CVE-2019-4323

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."

CVSS 4.3 | AI score 4.5 | EPSS 0.0018