Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hcltechsw Subscribe
Filtered by product Onetest Performance
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14245 1 Hcltechsw 1 Onetest Performance 2021-07-21 7.5 HIGH 9.8 CRITICAL
HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources.
CVE-2020-14246 1 Hcltechsw 1 Onetest Performance 2021-07-21 5.0 MEDIUM 7.5 HIGH
HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials.
CVE-2020-14247 1 Hcltechsw 1 Onetest Performance 2021-02-09 6.4 MEDIUM 6.5 MEDIUM
HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.