2981 matches found
CVE-2023-28021 BigFix WebUI is vulnerable to use of a risky cryptographic algorithm
The BigFix WebUI uses weak cipher suites...
CVE-2023-28021
CVE-2023-28021 concerns HCL BigFix WebUI and the use of weak cipher suites. The vulnerability is described across multiple feeds as a crypto-related weakness affecting the WebUI, with confidentiality impact; no explicit exploitation details or affected version ranges are provided in the supplied ...
CVE-2023-28019
Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...
Input validation
Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...
CVE-2023-28020
CVE-2023-28020 concerns a URL redirection in the login page of HCL BigFix WebUI that allows a malicious user to redirect a client browser to an external site via a redirect URL response header. The connected PT-2023-21486 entry explicitly notes the vulnerable software is HCL BigFix WebUI and desc...
CVE-2023-28020 URL redirection affects BigFix WebUI
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header...
CVE-2023-28020 URL redirection affects BigFix WebUI
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header...
CVE-2023-28019
CVE-2023-28019 concerns the Bigfix WebUI API App. The issue is described as insufficient validation in the WebUI API, affecting versions prior to 14, enabling an authenticated WebUI user to issue SQL queries via an unparameterized SQL query. The root cause is unparameterized queries/insufficient ...
CVE-2023-28019 An SQL injection affects BigFix WebUI API
Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...
CVE-2023-28019 An SQL injection affects BigFix WebUI API
Insufficient validation in Bigfix WebUI API App site version 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query...
PT-2023-21484 · Ibm · Bigfix Webui Api App
Name of the Vulnerable Software and Affected Versions: Bigfix WebUI API App versions prior to 14 Description: The issue is related to insufficient validation, allowing an authenticated WebUI user to issue SQL queries via an unparameterized SQL query. Recommendations: For versions prior to 14,...
PT-2023-21486 · Hcl · Hcl Bigfix Webui
Name of the Vulnerable Software and Affected Versions: HCL BigFix WebUI affected versions not specified Description: The issue allows a malicious user to redirect the client browser to an external site via a redirect URL response header in the login page. Recommendations: At the moment, there is ...
HCL BigFix Platform SQL注入漏洞
HCL Technologies HCL BigFix Platform is a suite of endpoint security management platforms from HCL Technologies, USA. The platform supports automated discovery, management and remediation of endpoint security issues. A security vulnerability exists in HCL Bigfix WebUI API App prior to version 14,...
PT-2023-21487 · Ibm · Bigfix Webui
Name of the Vulnerable Software and Affected Versions: BigFix WebUI affected versions not specified Description: The issue concerns the use of weak cipher suites by the BigFix WebUI. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
PT-2023-21489 · Ibm · Bigfix Webui
Name of the Vulnerable Software and Affected Versions: BigFix WebUI Software Distribution interface site versions prior to 44 Description: A cross-site request forgery issue in the BigFix WebUI Software Distribution interface site allows an NMO attacker to access files on server-side systems,...
MAL-2023-694 Malicious code in presto-webui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cc84a4fe2d659dd1d6ab8f160c0c7c4a5f1920b754c9be7cccae485027e209e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-23344
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...
Code injection
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...
CVE-2023-23344 HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...
CVE-2023-23344 HCL BigFix WebUI Insights is susceptible to a lack of sufficient authorization
A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page...