CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
HCLCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
hcltechswhcl_commerce
9.0.0.5 ≤
𝑥
≤ 9.0.0.13
hcltechswhcl_commerce
9.0.1.0 ≤
𝑥
≤ 9.0.1.14
hcltechswhcl_commerce
9.1 ≤
𝑥
≤ 9.1.4.0
𝑥
= Vulnerable software versions
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086271
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086271