CVE-2020-14247

6.5MEDIUM

Key Information:

Vendor: HCL Software
Status: Hcl Onetest Performance
Vendor: CVE Published:; 4 February 2021

Summary

HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow an attacker time to guess and use a valid session ID.

Affected Version(s)

HCL OneTest Performance V9.5

HCL OneTest Performance V10.0

HCL OneTest Performance V10.1

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 4, 2021
Vulnerability Reserved
Jun 17, 2020