CVE-2021-27785

HCL Commerce could allow a local attacker to obtain sensitive personal information (CVE-2021-27785)

CVSS 3.9 LOWEPSS 0.2%CWE-522

HCL Commerce's Remote Store server could allow a local attacker to obtain sensitive personal information. The vulnerability requires the victim to first perform a particular operation on the website.

CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Productos afectados

HCL Software · HCL Commerce

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099765