Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Appscan
(Hcltech)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 8 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-10-06 | CVE-2019-4326 | "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." | Appscan | 7.5 | ||
| 2020-10-06 | CVE-2019-4325 | "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." | Appscan | 5.3 | ||
| 2020-07-07 | CVE-2019-4324 | "HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy." | Appscan | N/A | ||
| 2020-07-07 | CVE-2019-4323 | "HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame." | Appscan | N/A | ||
| 2020-04-21 | CVE-2019-4327 | "HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files." | Appscan | N/A | ||
| 2020-04-07 | CVE-2019-4393 | HCL AppScan Standard is vulnerable to excessive authorization attempts | Appscan | N/A | ||
| 2020-04-07 | CVE-2019-4391 | HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data | Appscan | N/A | ||
| 2020-02-14 | CVE-2019-4392 | HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system. | Appscan | N/A |