Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Hcltech Subscribe
Filtered by product Appscan
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-4325 1 Hcltech 1 Appscan 2020-10-19 5.0 MEDIUM 5.3 MEDIUM
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."
CVE-2019-4326 1 Hcltech 1 Appscan 2020-10-19 5.0 MEDIUM 7.5 HIGH
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
CVE-2019-4324 1 Hcltech 1 Appscan 2020-07-15 4.3 MEDIUM 6.1 MEDIUM
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."
CVE-2019-4323 1 Hcltech 1 Appscan 2020-07-15 4.3 MEDIUM 4.3 MEDIUM
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."
CVE-2019-4327 1 Hcltech 1 Appscan 2020-04-29 5.0 MEDIUM 7.5 HIGH
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."
CVE-2019-4391 1 Hcltech 1 Appscan 2020-04-08 6.4 MEDIUM 8.2 HIGH
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
CVE-2019-4393 1 Hcltech 1 Appscan 2020-04-08 5.0 MEDIUM 9.8 CRITICAL
HCL AppScan Standard is vulnerable to excessive authorization attempts
CVE-2019-4392 1 Hcltech 1 Appscan 2020-02-19 10.0 HIGH 9.8 CRITICAL
HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.