CVE-2020-14275

Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 through 9.1.4 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations.

Published: Jan 12, 2021
Updated: Apr 13, 2023
CVE: CVE-2020-14275
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
hcltechsw / hcl_commerce	9.1	9.1.4.0.x
hcltechsw / hcl_commerce	9.0.0.5	9.0.0.13.x
hcltechsw / hcl_commerce	9.0.1.0	9.0.1.14.x

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0086271

Vulnerability Database

289,871

CVE-2020-14275