Insufficient Session Expiration in HCL Commerce Allows Unauthorized Access

Insufficient Session Expiration in HCL Commerce Allows Unauthorized Access

CVE-2021-27751 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

HCL Commerce is affected by an Insufficient Session Expiration vulnerability. After the session expires, in some circumstances, parts of the application are still accessible.

Learn more about our Web Application Penetration Testing UK.