Hcltechsw Hcl Commerce — known CVE vulnerabilities
Every CVE whose affected-product data names Hcltechsw Hcl Commerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2020-14275 — CVSS 9.8 (critical): Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of…
CVE-2022-38656 — CVSS 8.6 (high): HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative…
CVE-2020-14274 — CVSS 7.5 (high): Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain…
CVE-2024-23576 — CVSS 7.1 (high): Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of…
CVE-2021-27751 — CVSS 4.4 (medium): HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of…
CVE-2021-27785 — CVSS 3.9 (low): HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the…