CVE-2020-14263
https://notcve.org/view.php?id=CVE-2020-14263
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK" HCL Traveler Companion es vulnerable a una vulnerabilidad de proceso criptográfico débil de iOS por medio del SDK MobileIron AppConnect incluido • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0091691 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2020-4081
https://notcve.org/view.php?id=CVE-2020-4081
In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS). En Digital Experience versiones 8.5, 9.0 y 9.5, el consumidor de WSRP es vulnerable a un ataque de tipo cross-site scripting (XSS) • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085225 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-14255
https://notcve.org/view.php?id=CVE-2020-14255
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations. Los contenedores de HCL Digital Experience versión 9.5, incluyen vulnerabilidades que podrían exponer datos confidenciales a partes no autorizadas por medio de peticiones diseñadas. Estos afectan solo a los contenedores. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085234 •
CVE-2020-14221
https://notcve.org/view.php?id=CVE-2020-14221
HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users. HCL Digital Experience versiones 8.5, 9.0 y 9.5, expone información sobre el servidor a usuarios no autorizados • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085225 •
CVE-2020-14273
https://notcve.org/view.php?id=CVE-2020-14273
HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An unauthenticated attacker could could exploit this vulnerability to crash the Domino server. HCL Domino es susceptible de una vulnerabilidad de denegación de servicio (DoS) debido a la insuficiente validación de la entrada a su API pública. Un atacante no autenticado podría aprovechar esta vulnerabilidad para bloquear el servidor Domino • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0085947 • CWE-20: Improper Input Validation •