- Description
- Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.
- Source
- psirt@hcl.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hcltechsw:hcl_commerce:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F17A0D77-6C38-4643-941D-872F1B4424C6",
"versionEndIncluding": "9.0.0.13",
"versionStartIncluding": "9.0.0.5"
},
{
"criteria": "cpe:2.3:a:hcltechsw:hcl_commerce:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9DEB087-1EDE-44B9-8352-AFB7EB7E1A2F",
"versionEndIncluding": "9.0.1.14",
"versionStartIncluding": "9.0.1.0"
},
{
"criteria": "cpe:2.3:a:hcltechsw:hcl_commerce:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "708CF20D-E70C-4B80-ADEB-0CE003780A46",
"versionEndIncluding": "9.1.4.0",
"versionStartIncluding": "9.1"
}
],
"operator": "OR"
}
]
}
]