CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-23342 – HCL Nomad for web is affected by cryptographic validation of local data access that can be circumvented
https://notcve.org/view.php?id=CVE-2023-23342
If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106600 •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-23347 – Use of a broken cryptographic algorithm affects HCL DRYiCE iAutomate
https://notcve.org/view.php?id=CVE-2023-23347
HCL DRYiCE iAutomate is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106674 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-23346 – Use of a broken cryptographic algorithm affects HCL DRYiCE MyCloud
https://notcve.org/view.php?id=CVE-2023-23346
HCL DRYiCE MyCloud is affected by the use of a broken cryptographic algorithm. An attacker can potentially compromise the confidentiality and integrity of sensitive information. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106670 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37501 – A Persistent Cross-site Scripting (XSS) vulnerability affects HCL Unica Campaign
https://notcve.org/view.php?id=CVE-2023-37501
A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. An attacker could hijack a user's session and perform other attacks. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106556 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37500 – A Persistent Cross-site Scripting (XSS) vulnerability affects HCL Unica Platform
https://notcve.org/view.php?id=CVE-2023-37500
A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. An attacker could hijack a user's session and perform other attacks. • https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106554 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •