HCL OneTest Performance 9.5/10.0/10.1 excessive authentication

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in HCL OneTest Performance 9.5/10.0/10.1. It has been rated as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field02/04/2021 06:47 PM02/23/2021 02:30 PM
vendorHCLHCL
nameOneTest PerformanceOneTest Performance
version9.5/10.0/10.19.5/10.0/10.1
cwe307 (information disclosure)307 (information disclosure)
risk11
cvss3_vuldb_avNN
cvss3_vuldb_acHH
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iNN
cvss3_vuldb_aNN
identifierKB0086469KB0086469
urlhttps://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086469https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086469
cveCVE-2020-14247CVE-2020-14247
date1612393200 (02/04/2021)1612393200 (02/04/2021)
cvss2_vuldb_avNN
cvss2_vuldb_acHH
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiNN
cvss2_vuldb_aiNN
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss2_vuldb_basescore2.62.6
cvss2_vuldb_tempscore2.62.6
cvss3_vuldb_basescore3.73.7
cvss3_vuldb_tempscore3.73.7
cvss3_meta_basescore3.73.7
cvss3_meta_tempscore3.73.7
price_0day$0-$5k$0-$5k
cve_assigned1592344800
cve_nvd_summaryHCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.

Interested in the pricing of exploits?

See the underground prices here!