Filtered by vendor Hcltech
Subscriptions
Filtered by product Appscan
Subscriptions
Total
8 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2019-4391 | 1 Hcltech | 1 Appscan | 2024-08-04 | 8.2 High |
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data | ||||
CVE-2019-4326 | 1 Hcltech | 1 Appscan | 2024-08-04 | 7.5 High |
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | ||||
CVE-2019-4324 | 1 Hcltech | 1 Appscan | 2024-08-04 | 6.1 Medium |
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." | ||||
CVE-2019-4393 | 1 Hcltech | 1 Appscan | 2024-08-04 | 9.8 Critical |
HCL AppScan Standard is vulnerable to excessive authorization attempts | ||||
CVE-2019-4327 | 1 Hcltech | 1 Appscan | 2024-08-04 | 7.5 High |
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | ||||
CVE-2019-4323 | 1 Hcltech | 1 Appscan | 2024-08-04 | 4.3 Medium |
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | ||||
CVE-2019-4392 | 1 Hcltech | 1 Appscan | 2024-08-04 | 9.8 Critical |
HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system. | ||||
CVE-2019-4325 | 1 Hcltech | 1 Appscan | 2024-08-04 | 5.3 Medium |
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." |
Page 1 of 1.