Total
8 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4393 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| HCL AppScan Standard is vulnerable to excessive authorization attempts | |||||
| CVE-2019-4392 | 1 Hcltech | 1 Appscan | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system. | |||||
| CVE-2019-4391 | 1 Hcltech | 1 Appscan | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data | |||||
| CVE-2019-4327 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | |||||
| CVE-2019-4326 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | |||||
| CVE-2019-4325 | 1 Hcltech | 1 Appscan | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | |||||
| CVE-2019-4324 | 1 Hcltech | 1 Appscan | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| "HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." | |||||
| CVE-2019-4323 | 1 Hcltech | 1 Appscan | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| "HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | |||||