Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech appscan vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4325
"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."
Hcltech Appscan
5
CVSSv2
CVE-2019-4326
"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."
Hcltech Appscan
5
CVSSv2
CVE-2019-4327
"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to application's encrypted files."
Hcltech Appscan
10
CVSSv2
CVE-2019-4392
HCL AppScan Standard Edition 9.0.3.13 and previous versions uses hard-coded credentials which can be exploited by malicious users to get unauthorized access to the system.
Hcltech Appscan
5
CVSSv2
CVE-2019-4393
HCL AppScan Standard is vulnerable to excessive authorization attempts
Hcltech Appscan
6.4
CVSSv2
CVE-2019-4391
HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data
Hcltech Appscan
4.3
CVSSv2
CVE-2019-4323
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an malicious user to embed the contents of untrusted web pages in a frame."
Hcltech Appscan
4.3
CVSSv2
CVE-2019-4324
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."
Hcltech Appscan
5.8
CVSSv2
CVE-2019-16188
HCL AppScan Source prior to 9.03.13 is susceptible to XML External Entity (XXE) attacks in multiple locations. In particular, an attacker can send a specially crafted .ozasmt file to a targeted victim and ask the victim to open it. When the victim imports the .ozasmt file in AppS...
Hcltech Appscan Source
3.5
CVSSv2
CVE-2019-4388
HCL AppScan Source 9.0.3.13 and previous versions is susceptible to cross-site scripting (XSS) attacks by allowing users to embed arbitrary JavaScript code in the Web UI.
Hcltech Appscan Source
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »