HCL Software — Vulnerabilities & Security Advisories (330)

Browse all 330 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HCL Software specializes in enterprise application development and management tools, primarily serving large organizations with legacy and modernization needs. Its portfolio includes Domino, OpenPages, and various integration platforms, which historically present a diverse attack surface. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex configurations or outdated underlying frameworks. The company has addressed numerous security flaws, with records indicating hundreds of disclosed CVEs over the years. Notable incidents have involved authentication bypasses and injection flaws in older versions of its collaboration suites. HCL Software generally responds to these issues through regular patch cycles and security advisories, though the sheer volume of legacy code contributes to the high number of recorded vulnerabilities. Users are advised to maintain strict update protocols to mitigate risks associated with these known security gaps.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-50347 | Insecure SQL Interface affects HCL DRYiCE MyXalytics — DRYiCE MyXalytics | 3.7 | Low | 2024-04-10 |
| CVE-2024-23584 | HCL BigFix Asset Discovery is affected by a security vulnerability — BigFix Enterprise Suite Asset Discovery | 6.6 | Medium | 2024-04-08 |
| CVE-2024-23540 | HCL BigFix Inventory is vulnerable to path traversal — BigFix Inventory | 5.3 | Medium | 2024-04-03 |
| CVE-2023-45715 | HCL BigFix Platform is susceptible to a Denial of Service attack — BigFix Platform | 3.5 | Low | 2024-03-28 |
| CVE-2023-45706 | HCL BigFix Platform is susceptible to Cross Site Scripting (XSS) and/or Man in the Middle (MITM) attack — BigFix Platform | 2.0 | Low | 2024-03-28 |
| CVE-2023-45705 | HCL BigFix Platform is susceptible to Server Side Request Forgery (SSRF) — BigFix Platform | 3.5 | Low | 2024-03-28 |
| CVE-2023-37540 | HCL Sametime Chat is affected by an unimplemented feature in the UI — HCL Sametime Chat | 3.9 | Low | 2024-02-23 |
| CVE-2023-37495 | HCL Domino is susceptible to a weak cryptography vulnerability — HCL Domino Server | 5.9 | Medium | 2024-02-20 |
| CVE-2023-28018 | HCL Connections is vulnerable to possible denial of service for certain users — HCL Connections | 5.5 | Medium | 2024-02-12 |
| CVE-2023-45698 | HCL Sametime is impacted by clickjacking — HCL Sametime | 4.8 | Medium | 2024-02-10 |
| CVE-2023-45696 | HCL Sametime is impacted by an autocomplete enabled vulnerability — HCL Sametime | 4.0 | Medium | 2024-02-10 |
| CVE-2023-45718 | HCL Sametime is impacted by a failure to invalidate sessions — HCL Sametime | 3.9 | Low | 2024-02-09 |
| CVE-2023-45716 | HCL Sametime is impacted by a sensitive information disclosure — HCL Sametime | 1.7 | Low | 2024-02-09 |
| CVE-2023-50349 | HCL Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability — HCL Sametime | 5.9 | Medium | 2024-02-09 |
| CVE-2024-23550 | HCL DevOps Deploy / HCL Launch (UCD) may be vulnerable to sensitive information disclosure — Launch / DevOps Deploy | 6.2 | Medium | 2024-02-03 |
| CVE-2023-37528 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 6.5 | Medium | 2024-02-03 |
| CVE-2024-23553 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 3.0 | Low | 2024-02-02 |
| CVE-2023-37531 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 3.3 | Low | 2024-02-02 |
| CVE-2023-37530 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 3.0 | Low | 2024-02-02 |
| CVE-2023-37529 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 3.0 | Low | 2024-02-02 |
| CVE-2023-37527 | A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform — BigFix Platform | 5.4 | Medium | 2024-02-02 |
| CVE-2023-37518 | A code injection vulnerability affects HCL BigFix ServiceNow Data Flow — BigFix ServiceNow Data Flow | 6.4 | Medium | 2024-01-30 |
| CVE-2023-37523 | HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags — HCL BigFix OSD Bare Metal Server WebUI | 5.6 | Medium | 2024-01-16 |
| CVE-2023-37522 | HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags — HCL BigFix OSD Bare Metal Server WebUI | 5.6 | Medium | 2024-01-16 |
| CVE-2023-37521 | HCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosure — HCL BigFix OSD Bare Metal Server WebUI | 2.3 | Low | 2024-01-16 |
| CVE-2023-45722 | Path Traversal Arbitrary File Read affects DRYiCE MyXalytics — DRYiCE MyXalytics | 8.8 | High | 2024-01-03 |
| CVE-2023-45724 | Unauthenticated File Upload affects DRYiCE MyXalytics — DRYiCE MyXalytics | 8.2 | High | 2024-01-03 |
| CVE-2023-45723 | Path Traversal which allows file upload capability affects DRYiCE MyXalytics — DRYiCE MyXalytics | 7.6 | High | 2024-01-03 |
| CVE-2023-50341 | Improper Access Control affects DRYiCE MyXalytics — DRYiCE MyXalytics | 7.6 | High | 2024-01-03 |
| CVE-2023-50342 | Insecure Direct Object Reference (IDOR) affects DRYiCE MyXalytics — DRYiCE MyXalytics | 7.1 | High | 2024-01-03 |

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.