CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

hcltech

appscan

8 known vulnerabilities · sorted by CVSS score

CVE-2019-4393

CRITICAL9.8

HCL AppScan Standard is vulnerable to excessive authorization attempts

hcltech / appscan

Network

Published Apr 7, 2020

CVE-2019-4392

CRITICAL9.8

HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.

hcltech / appscan

Network

Published Feb 14, 2020

CVE-2019-4391

HIGH8.2

HCL AppScan Standard is vulnerable to XML External Entity Injection (XXE) attack when processing XML data

hcltech / appscan

Network

Published Apr 7, 2020

CVE-2019-4326

HIGH7.5

"HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header."

hcltech / appscan

Network

Published Oct 6, 2020

CVE-2019-4327

HIGH7.5

"HCL AppScan Enterprise uses hard-coded credentials which can be exploited by attackers to get unauthorized access to application's encrypted files."

hcltech / appscan

Network

Published Apr 21, 2020

CVE-2019-4324

MEDIUM6.1

"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."

hcltech / appscan

Network

Published Jul 7, 2020

CVE-2019-4325

MEDIUM5.3

"HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details."

hcltech / appscan

Network

Published Oct 6, 2020

CVE-2019-4323

MEDIUM4.3

"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."

hcltech / appscan

Network

Published Jul 7, 2020