cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-27759,https://securityvulnerability.io/vulnerability/CVE-2021-27759,Improper Request Handling in HCL Domino,"This vulnerability in HCL Domino occurs due to insufficient verification of user requests, which might allow an attacker to manipulate a victim's browser into sending unintended HTTP requests to an arbitrary URL. This could lead to unauthorized actions being executed without the user's consent, compromising sensitive information and the integrity of the application.",Hcl Software,Hcl Bigfix Inventory,2.3,LOW,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-05-06T18:15:00.000Z,0
CVE-2021-27758,https://securityvulnerability.io/vulnerability/CVE-2021-27758,Cross-site Request Forgery Vulnerability in HCL Connections,"A security vulnerability exists in the login form of HCL Connections that allows attackers to exploit Cross-site Request Forgery (CSRF). This vulnerability can lead to user accounts being locked after repeated unauthorized login attempts, preventing legitimate users from accessing their accounts. It highlights the importance of implementing robust security measures to protect against CSRF attacks.",Hcl Software,Hcl Bigfix Inventory,4.3,MEDIUM,0.0005300000193528831,false,,false,false,false,,,false,false,,2022-05-06T18:15:00.000Z,0
CVE-2020-14248,https://securityvulnerability.io/vulnerability/CVE-2020-14248,Session Cookie Vulnerability in BigFix Inventory by HCL Technologies,"BigFix Inventory versions up to 10.0.2 are vulnerable due to the failure to set the secure flag on session cookies during HTTPS sessions. This oversight permits cookies to be transmitted over unencrypted HTTP requests, exposing them to potential interception by remote attackers. Consequently, attackers could capture sensitive session data, compromising user accounts and potentially gaining unauthorized access to protected resources.",HCL Software,Hcl Bigfix Inventory,5.3,MEDIUM,0.0015399999683722854,false,,false,false,false,,,false,false,,2020-12-16T14:11:34.000Z,0
CVE-2020-14254,https://securityvulnerability.io/vulnerability/CVE-2020-14254,TLS-RSA Cipher Suite Vulnerability in HCL BigFix Inventory,"A vulnerability exists in HCL BigFix Inventory due to the use of outdated TLS-RSA cipher suites, which are not disabled in versions up to v10.0.2. If higher versions of the TLS protocol and secure cipher configurations are not enforced, this could allow an attacker to passively record the network traffic and potentially decrypt sensitive information at a later time. Organizations using these versions are strongly encouraged to implement the latest security configurations to mitigate risks associated with data exposure.",HCL Software,Hcl Bigfix Inventory,7.5,HIGH,0.002199999988079071,false,,false,false,false,,,false,false,,2020-12-16T14:07:42.000Z,0