CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.


© 2026 CVEInsight. For informational use only — not a substitute for professional security advice.

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities


290 vulnerabilities found for “hcltech”

Page 1 of 15

CVE-2024-23576
HIGH 7.1

Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.

hcltechsw / hcl_commerce
Network
Published May 14, 2024
CVE-2022-38656
HIGH 8.6

HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.

hcltechsw / hcl_commerce
Network
Published Dec 12, 2022
CVE-2021-27785
LOW 3.9

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.

hcltechsw / hcl_commerce +1
Physical
Published Jul 30, 2022
CVE-2021-27771
HIGH 8.2

User SID can be modified, resulting in an Arbitrary File Upload or deletion of directories causing a Denial of Service. When interacting in a normal manner with the Sametime chat application, users hold a cookie containing their session ID (SID). This value is also used when sending chat messages, receiving notifications and/or transferring files.

hcltech / sametime
Network
Published May 12, 2022
CVE-2021-27769
MEDIUM 5.3

Information leakage occurs when a website reveals information that could aid an attacker to further exploit the system. This information may or may not be sensitive and does not automatically mean a breach is likely to occur. Overall, any information that could be used for an attack should be limited whenever possible.

hcltech / sametime
Network
Published May 12, 2022
CVE-2021-27770
MEDIUM 6.8

The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded URL which is then requested by the webserver. We assume this service is used by the “meetings”-function where users can specify an external URL where the online meeting will take place.

hcltech / sametime
Network
Published May 12, 2022
CVE-2021-27772
HIGH 7.1

Users are able to read group conversations without actively taking part in them. Next to one-to-one conversations, users are able to start group conversations with multiple users. It was found possible to obtain the contents of these group conversations without being part of them. This could lead to information leakage where confidential information discussed in private groups is read by other users without the users' knowledge.

hcltech / sametime
Network
Published May 12, 2022
CVE-2021-27751
MEDIUM 4.4

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.

hcltechsw / hcl_commerce +2
Local
Published May 6, 2022
CVE-2021-27757
HIGH 7.5

Insecure password storage issue. The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere. Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information.

hcltech / bigfix_insights
Network
Published Mar 4, 2022
CVE-2021-27741
CRITICAL 9.1

Security vulnerability in HCL Commerce Management Center allowing XML external entity (XXE) injection

hcltechsw / hcl_commerce +2
Network
Published Aug 13, 2021
CVE-2020-14274
HIGH 7.5

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors.

hcltechsw / hcl_commerce +1
Network
Published Jan 12, 2021
CVE-2020-14275
CRITICAL 9.8

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.

hcltechsw / hcl_commerce +2
Network
Published Jan 12, 2021
CVE-2019-4326
HIGH 7.5

HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header.

hcltech / appscan
Network
Published Oct 6, 2020
CVE-2019-4325
MEDIUM 5.3

HCL AppScan Enterprise makes use of a broken or risky cryptographic algorithm to store REST API user details.

hcltech / appscan
Network
Published Oct 6, 2020
CVE-2019-4323
MEDIUM 4.3

HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame.

hcltech / appscan
Network
Published Jul 7, 2020
CVE-2019-4324
MEDIUM 6.1

HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy.

hcltech / appscan
Network
Published Jul 7, 2020
CVE-2019-4327
HIGH 7.5

HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files.

hcltech / appscan
Network
Published Apr 21, 2020
CVE-2019-4393
CRITICAL 9.8

HCL AppScan Standard is vulnerable to excessive authorization attempts

hcltech / appscan
Network
Published Apr 7, 2020
CVE-2019-4391
HIGH 8.2

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

hcltech / appscan
Network
Published Apr 7, 2020
CVE-2019-4392
CRITICAL 9.8

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.

hcltech / appscan
Network
Published Feb 14, 2020