Hcltech Hcl Compass
By the Year
In 2024 there have been 0 vulnerabilities in Hcltech Hcl Compass . Last year Hcl Compass had 4 security vulnerabilities published. Right now, Hcl Compass is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 4 | 8.48 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Hcl Compass vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hcltech Hcl Compass Security Vulnerabilities
HCL Compass is vulnerable to insecure password requirements
CVE-2023-37503
9.8 - Critical
- October 19, 2023
HCL Compass is vulnerable to insecure password requirements. An attacker could easily guess the password and gain access to user accounts.
Weak Password Requirements
HCL Compass is vulnerable to failure to invalidate sessions
CVE-2023-37504
6.5 - Medium
- October 19, 2023
HCL Compass is vulnerable to failure to invalidate sessions. The application does not invalidate authenticated sessions when the log out functionality is called. If the session identifier can be discovered, it could be replayed to the application and used to impersonate the user.
Insufficient Session Expiration
HCL Compass is vulnerable to lack of file upload security
CVE-2023-37502
8.8 - High
- October 18, 2023
HCL Compass is vulnerable to lack of file upload security. An attacker could upload files containing active code that can be executed by the server or by a user's web browser.
Unrestricted File Upload
HCL Compass is vulnerable to Cross-Origin Resource Sharing (CORS)
CVE-2022-42447
8.8 - High
- April 02, 2023
HCL Compass is vulnerable to Cross-Origin Resource Sharing (CORS). This vulnerability can allow an unprivileged remote attacker to trick a legitimate user into accessing a special resource and executing a malicious request.
Session Riding
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hcltech Hcl Compass or by Hcltech? Click the Watch button to subscribe.
