Commerce
by HCL Software
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38656 | Hig | 0.56 | 8.6 | 0.01 | Dec 12, 2022 | HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes. | ||
| CVE-2020-14274 | Hig | 0.49 | 7.5 | 0.01 | Jan 12, 2021 | Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors. | ||
| CVE-2024-23576 | Hig | 0.46 | 7.1 | 0.00 | May 14, 2024 | Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. |
- risk 0.56cvss 8.6epss 0.01
HCL Commerce, when using Elasticsearch, can allow a remote attacker to cause a denial of service attack on the site and make administrative changes.
- risk 0.49cvss 7.5epss 0.01
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors.
- risk 0.46cvss 7.1epss 0.00
Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.