cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-37503,https://securityvulnerability.io/vulnerability/CVE-2023-37503,A weak password requirements vulnerability affects HCL Compass,"HCL Compass is susceptible to inadequate password requirements, allowing attackers to easily guess passwords. This vulnerability could lead to unauthorized access to user accounts, posing significant risks to data integrity and confidentiality.",Hcl Software,Hcl Compass,8.1,HIGH,0.0017000000225380063,false,false,false,false,,false,false,2023-10-19T03:15:00.000Z,0
CVE-2023-37504,https://securityvulnerability.io/vulnerability/CVE-2023-37504,An insufficient session expiration vulnerability affects HCL Compass,"HCL Compass features a significant vulnerability associated with session management, where authenticated sessions remain active even after the logout function is executed. This flaw allows an attacker to exploit session identifiers, facilitating replay attacks that enable user impersonation within the application. It is crucial for organizations using HCL Compass to address this vulnerability promptly to enhance their security posture.",Hcl Software,Hcl Compass,7.1,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-10-19T01:15:00.000Z,0
CVE-2023-37502,https://securityvulnerability.io/vulnerability/CVE-2023-37502,An unrestricted file upload vulnerability affects HCL Compass,"HCL Compass has a file upload vulnerability that allows attackers to bypass security measures when uploading files. By exploiting this flaw, an attacker can potentially upload files containing executable code, leading to unauthorized code execution on the server or within a user's web browser. This could result in significant security risks, including data breaches or system compromise.",Hcl Software,Hcl Compass,9,CRITICAL,0.0008900000248104334,false,false,false,false,,false,false,2023-10-18T23:15:00.000Z,0