CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2019-4209
https://notcve.org/view.php?id=CVE-2019-4209
HCL Connections v5.5, v6.0, and v6.5 contains an open redirect vulnerability which could be exploited by an attacker to conduct phishing attacks. HCL Connections versiones v5.5, v6.0 y v6.5, contienen una vulnerabilidad de redireccionamiento abierto que podría ser explotada por parte de un atacante para realizar ataques de phishing. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077954 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-4085
https://notcve.org/view.php?id=CVE-2020-4085
"HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user." "HCL Connections es vulnerable a un posible filtrado de información y podría divulgar información confidencial por medio de un rastreo de la pila en un usuario local". • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077976 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4327
https://notcve.org/view.php?id=CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." "HCL AppScan Enterprise utiliza credenciales embebidas que pueden ser explotadas por los atacantes para obtener acceso no autorizado a los archivos cifrados de la aplicación". • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0078222 • CWE-798: Use of Hard-coded Credentials •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4393
https://notcve.org/view.php?id=CVE-2019-4393
HCL AppScan Standard is vulnerable to excessive authorization attempts HCL AppScan Standard es vulnerable a intentos de autorización excesivos. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077916 • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-4391
https://notcve.org/view.php?id=CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data HCL AppScan Standard es vulnerable a un ataque de tipo XML External Entity Injection (XXE) cuando se procesa datos XML. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0077917 • CWE-611: Improper Restriction of XML External Entity Reference •