CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Hcltechsw 1Onetest Performance Nov 21, 2024 Feb 4, 2021 N/A· v4 6.5 MEDIUM· v3 6.4 MEDIUM· v2 HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID. |
1Hcltechsw 1Onetest Performance Nov 21, 2024 Feb 4, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials. |
1Hcltechsw 1Onetest Performance Nov 21, 2024 Feb 4, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either requires a provable user identity or consumes a significant amount of resources. |