CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-44756 – HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation
https://notcve.org/view.php?id=CVE-2022-44756
Insights for Vulnerability Remediation (IVR) is vulnerable to improper input validation. This may lead to information disclosure. This requires privileged access. Insights for Vulnerability Remediation (IVR) es vulnerable a una validación de entrada incorrecta. Esto puede dar lugar a la divulgación de información. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102168 • CWE-20: Improper Input Validation •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-42454 – HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper certificate validation
https://notcve.org/view.php?id=CVE-2022-42454
Insights for Vulnerability Remediation (IVR) is vulnerable to man-in-the-middle attacks that may lead to information disclosure. This requires privileged network access. Insights for Vulnerability Remediation (IVR) es vulnerable a ataques man in the middle que pueden conducir a la divulgación de información. Esto requiere acceso privilegiado a la red. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102168 •
CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2022-42445 – HCL Launch is vulnerable to Insufficiently Protected LDAP Search Credentials (CVE-2022-42445)
https://notcve.org/view.php?id=CVE-2022-42445
HCL Launch could allow a user with administrative privileges, including "Manage Security" permissions, the ability to recover a credential previously saved for performing authenticated LDAP searches. HCL Launch podría permitir a un usuario con privilegios administrativos, incluidos permisos de "Administrar seguridad", la capacidad de recuperar una credencial previamente guardada para realizar búsquedas LDAP autenticadas. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101208 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38656 – HCL Commerce, when using Elasticsearch, could be affected by a denial of service vulnerability
https://notcve.org/view.php?id=CVE-2022-38656
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes. HCL Commerce, cuando utiliza Elasticsearch, puede permitir que un atacante remoto provoque un ataque de Denegación de Servicio (DoS) en el sitio y realice cambios administrativos. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0101265 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-38661 – HCL Workload Automation is affected by a vulnerability in Jlog component of the Master Domain Manager
https://notcve.org/view.php?id=CVE-2022-38661
HCL Workload Automation could allow a local user to overwrite key system files which would cause the system to crash. HCL Workload Automation podría permitir a un usuario local sobrescribir archivos clave del sistema, lo que provocaría que el sistema fallara. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0100939 •