CVE-2020-14275

EUVD-2020-6428
Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
hcltechswhcl_commerce
9.0.0.5 ≤
𝑥
≤ 9.0.0.13
hcltechswhcl_commerce
9.0.1.0 ≤
𝑥
≤ 9.0.1.14
hcltechswhcl_commerce
9.1 ≤
𝑥
≤ 9.1.4.0
𝑥
= Vulnerable software versions
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086271
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086271