HCL Software — Vulnerabilities & Security Advisories 330

Browse all 330 CVE security advisories affecting HCL Software. AI-powered Chinese analysis, POCs, and references for each vulnerability.

HCL Software specializes in enterprise application development and management tools, primarily serving large organizations with legacy and modernization needs. Its portfolio includes Domino, OpenPages, and various integration platforms, which historically present a diverse attack surface. Common vulnerability classes affecting these products include remote code execution, cross-site scripting, and privilege escalation, often stemming from complex configurations or outdated underlying frameworks. The company has addressed numerous security flaws, with records indicating hundreds of disclosed CVEs over the years. Notable incidents have involved authentication bypasses and injection flaws in older versions of its collaboration suites. HCL Software generally responds to these issues through regular patch cycles and security advisories, though the sheer volume of legacy code contributes to the high number of recorded vulnerabilities. Users are advised to maintain strict update protocols to mitigate risks associated with these known security gaps.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-50343 | Improper Access Control (Controller APIs) affects DRYiCE MyXalytics — DRYiCE MyXalytics | 8.3 | High | 2024-01-03 |
| CVE-2023-50344 | Unauthenticated File Downloads affect DRYiCE MyXalytics — DRYiCE MyXalytics | 5.4 | Medium | 2024-01-03 |
| CVE-2023-50345 | Open Redirect affects DRYiCE MyXalytics — DRYiCE MyXalytics | 3.7 | Low | 2024-01-03 |
| CVE-2023-50346 | An information disclosure affects DRYiCE MyXalytics — DRYiCE MyXalytics | 3.1 | Low | 2024-01-03 |
| CVE-2023-50348 | Improper Error Handling affects DRYiCE MyXalytics — DRYiCE MyXalytics | 3.1 | Low | 2024-01-03 |
| CVE-2023-50350 | A broken cryptographic algorithm impacts MyXalytics — DRYiCE MyXalytics | 8.2 | High | 2024-01-03 |
| CVE-2023-50351 | Insecure key rotation affects MyXalytics — DRYiCE MyXalytics | 8.2 | High | 2024-01-03 |
| CVE-2023-45702 | HCL Launch Agent as a Windows service is vulnerable to a Denial of Service — HCL Launch | 6.2 | Medium | 2023-12-28 |
| CVE-2023-45701 | HCL Launch is susceptible to sensitive information disclosure — HCL Launch | 4.3 | Medium | 2023-12-28 |
| CVE-2023-37520 | HCL BigFix Platform is affected by Unauthenticated Stored Cross-Site Scripting (XSS) — HCL BigFix Platform | 7.7 | High | 2023-12-21 |
| CVE-2023-37519 | HCL BigFix Platform is affected by Unauthenticated Stored Cross-Site Scripting (XSS) — HCL BigFix Platform | 7.7 | High | 2023-12-21 |
| CVE-2023-28025 | An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management — HCL BigFix Mobile / Modern Client Management | 6.6 | Medium | 2023-12-21 |
| CVE-2023-45700 | HCL Launch is susceptible to an HTML injection vulnerability — HCL Launch | 4.3 | Medium | 2023-12-21 |
| CVE-2023-45703 | HCL Launch is susceptible to a Denial of Service vulnerability — HCL Launch | 5.3 | Medium | 2023-12-20 |
| CVE-2023-28022 | HCL Connections is vulnerable to sensitive information disclosure — HCL Connections | 3.5 | Low | 2023-12-15 |
| CVE-2023-28017 | HCL Connections is vulnerable to cross-site scripting — HCL Connections | 5.4 | Medium | 2023-12-07 |
| CVE-2023-37533 | HCL Connections is vulnerable to reflected cross-site scripting — HCL Connections | 5.4 | Medium | 2023-11-08 |
| CVE-2023-37532 | A path traversal vulnerability affects HCL Commerce — HCL Commerce | 5.8 | Medium | 2023-10-23 |
| CVE-2023-37503 | A weak password requirements vulnerability affects HCL Compass — HCL Compass | 8.1 | High | 2023-10-19 |
| CVE-2023-37504 | An insufficient session expiration vulnerability affects HCL Compass — HCL Compass | 7.1 | High | 2023-10-19 |
| CVE-2023-37502 | An unrestricted file upload vulnerability affects HCL Compass — HCL Compass | 9.0 | Critical | 2023-10-18 |
| CVE-2023-37537 | HCL AppScan Presence deployed as Windows service might be vulnerable to an Unquoted Service Path vulnerability — HCL AppScan Presence | 7.8 | High | 2023-10-17 |
| CVE-2023-37538 | HCL Digital Experience is susceptible to cross site scripting (XSS) — Digital Experience | 9.3 | Critical | 2023-10-11 |
| CVE-2023-37536 | HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3 — BigFix Platform | 8.2 | High | 2023-10-11 |
| CVE-2022-44757 | HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to weak cryptography — BigFix Insights for Vulnerability Remediation | 6.5 | Medium | 2023-10-11 |
| CVE-2022-44758 | HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper credential handling — BigFix Insights for Vulnerability Remediation | 6.5 | Medium | 2023-10-11 |
| CVE-2022-42451 | HCL BigFix Patch Management is vulnerable to insecurely stored credentials — BigFix Patch Management | 4.6 | Medium | 2023-10-11 |
| CVE-2023-28010 | HCL Domino is susceptible to a sensitive information disclosure vulnerability — HCL Domino Server | 4.0 | Medium | 2023-09-08 |
| CVE-2023-37512 | HCL Traveler Companion is vulnerable to revealing sensitive information via the task switcher — HCL Traveler Companion | 3.3 | Low | 2023-08-11 |
| CVE-2023-37513 | HCL Traveler To Do is vulnerable to revealing sensitive information via the task switcher — HCL Traveler To Do | 3.3 | Low | 2023-08-11 |

This page lists every published CVE security advisory associated with HCL Software. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.