CVE-2020-14246

Description

HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An attacker could potentially decode the encoded credentials.

Affected Software
References

Software	From	Fixed in
hcltechsw / onetest_performance	10.0.0	10.0.0.x
hcltechsw / onetest_performance	10.1.0	10.1.0.x
hcltechsw / onetest_performance	9.5.0	9.5.0.x

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086470

Severity: High

CVE: CVE-2020-14246
Published: Feb 4, 2021
Updated: Apr 13, 2023
Exploit:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-327

A3 - Sensitive Data Exposure

CVE-2020-14246

Description

Details

CVSS v3

CVSS v2

CWEs

OWASP TOP 10