Known Vulnerabilities for products from Hcltech
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Hcltech".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-21783 json | HCL Traveler is affected by sensitive information disclosure. The application generates some error messages that provide de... | Not Provided | 2026-03-24 | 2026-03-31 |
| CVE-2026-21767 json | HCL BigFix Platform is affected by insufficient authentication. The application might allow users to access sensitive area... | Not Provided | 2026-04-02 | 2026-04-16 |
| CVE-2026-21765 json | HCL BigFix Platform is affected by insecure permissions on private cryptographic keys. The private cryptographic keys locat... | Not Provided | 2026-04-02 | 2026-04-16 |
| CVE-2025-31981 json | HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowin... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2025-31966 json | HCL Sametime is vulnerable to broken server-side validation. While the application performs client-side input checks, these a... | Not Provided | 2026-03-17 | 2026-03-31 |
| CVE-2025-31958 json | HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when w... | Not Provided | 2026-04-21 | 2026-04-22 |
| CVE-2023-37538 json | HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In refl... | 6.1 - MEDIUM | 2023-10-11 | 2023-10-18 |
| CVE-2023-37537 json | An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC),... | 7.8 - HIGH | 2023-10-17 | 2023-10-24 |
| CVE-2023-37536 json | An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP requ... | 8.8 - HIGH | 2023-10-11 | 2023-12-31 |
| CVE-2023-37533 json | HCL Connections is vulnerable to reflected cross-site scripting (XSS) where an attacker may leverage these issues to execute ... | 6.1 - MEDIUM | 2023-11-09 | 2023-11-16 |
| CVE-2023-37532 json | HCL Commerce Remote Store server could allow a remote attacker, using a specially-crafted URL, to read arbitrary files on the... | 4.3 - MEDIUM | 2023-10-23 | 2023-10-30 |
| CVE-2023-37518 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2024-01-30 | 2024-02-05 |
| CVE-2023-37513 json | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which ma... | 5.5 - MEDIUM | 2023-08-11 | 2023-08-17 |
| CVE-2023-37512 json | When the app is put to the background and the user goes to the task switcher of iOS, the app snapshot is not blurred which ma... | 5.5 - MEDIUM | 2023-08-11 | 2023-08-17 |
| CVE-2023-37511 json | If certain App Transport Security (ATS) settings are set in a certain manner, insecure loading of web content can be achieved... | 4.3 - MEDIUM | 2023-08-11 | 2023-08-17 |
| CVE-2023-37504 json | HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when ... | 6.5 - MEDIUM | 2023-10-19 | 2023-10-25 |
| CVE-2023-37503 json | HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to u... | 9.8 - CRITICAL | 2023-10-19 | 2023-10-25 |
| CVE-2023-37502 json | HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can b... | 8.8 - HIGH | 2023-10-18 | 2023-10-25 |
| CVE-2023-37501 json | A Persistent XSS vulnerability can be carried out in a certain field of Unica Campaign. An attacker could hijack a user's s... | 6.1 - MEDIUM | 2023-08-03 | 2023-08-07 |
| CVE-2023-37500 json | A Persistent Cross-site Scripting (XSS) vulnerability can be carried out on certain pages of Unica Platform. An attacker co... | 6.1 - MEDIUM | 2023-08-03 | 2023-08-07 |
Known software with vulnerabilities from Hcltech
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Hcltech | Appscan | - |
| Application | Hcltech | Appscan Source | - |
| Application | Hcltech | Bigfix Platform | 10.0.2 |
| Application | Hcltech | Bigfix Webui | - |
| Application | Hcltech | Connections | 5.5 |
| Application | Hcltech | Digital Experience | 8.5 |
| Application | Hcltech | Domino | - |
| Application | Hcltech | Hcl Digital Experience | 8.5 |
| Application | Hcltech | Hcl Domino | 10.0.1 |
| Application | Hcltech | Hcl Inotes | 10.0.1 |
| Application | Hcltech | Hcl Nomad | 1.0 |
| Application | Hcltech | Notes | 10.0 |
| Application | Hcltech | Self-service Application | 3.0.0 |
| Application | Hcltech | Traveler | 10.0.0.0 |