Lucene search

HCLCVELIST:CVE-2023-28006

HistoryJun 22, 2023 - 10:07 p.m.

CVE-2023-28006 HCL BigFix OSD Bare Metal Server is affected by a weak cryptographic algorithm.

2023-06-2222:07:58

HCL

www.cve.org

hcl bigfix osd

bare metal server

weak cryptographic algorithm

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "HCL BigFix OSD Bare Metal Server",
    "vendor": "HCL Software",
    "versions": [
      {
        "status": "affected",
        "version": "< 311.12"
      }
    ]
  }
]

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

9.0%

JSON

Related for CVELIST:CVE-2023-28006