HCL OneTest Performance 9.5/10.0/10.1 excessive authentication

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in HCL OneTest Performance 9.5/10.0/10.1. It has been rated as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	02/04/2021 06:47 PM	02/23/2021 02:30 PM
vendor	HCL	HCL
name	OneTest Performance	OneTest Performance
version	9.5/10.0/10.1	9.5/10.0/10.1
cwe	307 (information disclosure)	307 (information disclosure)
risk	1	1
cvss3_vuldb_av	N	N
cvss3_vuldb_ac	H	H
cvss3_vuldb_pr	N	N
cvss3_vuldb_ui	N	N
cvss3_vuldb_s	U	U
cvss3_vuldb_c	L	L
cvss3_vuldb_i	N	N
cvss3_vuldb_a	N	N
identifier	KB0086469	KB0086469
url	https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086469	https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086469
cve	CVE-2020-14247	CVE-2020-14247
date	1612393200 (02/04/2021)	1612393200 (02/04/2021)
cvss2_vuldb_av	N	N
cvss2_vuldb_ac	H	H
cvss2_vuldb_au	N	N
cvss2_vuldb_ci	P	P
cvss2_vuldb_ii	N	N
cvss2_vuldb_ai	N	N
cvss2_vuldb_e	ND	ND
cvss2_vuldb_rl	ND	ND
cvss2_vuldb_rc	ND	ND
cvss3_vuldb_e	X	X
cvss3_vuldb_rl	X	X
cvss3_vuldb_rc	X	X
cvss2_vuldb_basescore	2.6	2.6
cvss2_vuldb_tempscore	2.6	2.6
cvss3_vuldb_basescore	3.7	3.7
cvss3_vuldb_tempscore	3.7	3.7
cvss3_meta_basescore	3.7	3.7
cvss3_meta_tempscore	3.7	3.7
price_0day	$0-$5k	$0-$5k
cve_assigned		1592344800
cve_nvd_summary		HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!