CVE-2020-14274

7.5HIGH

Key Information:

Vendor: HCL Software
Status: Hcl Commerce
Vendor: CVE Published:; 12 January 2021

Summary

Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 could allow a remote attacker to obtain user personal data via unknown vectors.

Affected Version(s)

HCL Commerce v9.0.1.9 through v9.0.1.14

HCL Commerce v9.1 through v9.1.4

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

x_refsource_CONFIRM

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 12, 2021
Vulnerability Reserved
Jun 17, 2020