CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

CVE•added 2022/12/22 6:52 p.m.•58 views

CVE-2022-38658

CVE-2022-38658 affects HCL BigFix Server Automation deployments that have the Notification Service installed on Windows. The root issue is exposure of SMTP BigFix operators’ sensitive data in cleartext via the Notification Service content from BES Support. Impact is limited to confidentiality, wi...

7.7CVSS7.5AI score0.0016EPSS

Exploits0References1Affected Software1

NVD•added 2022/12/21 5:15 p.m.•11 views

CVE-2022-38655

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

6.4CVSS0.00174EPSS

Exploits0References1

OSV•added 2022/12/21 5:15 p.m.•2 views

CVE-2022-38655

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

5.8CVSS5.8AI score0.00174EPSS

Exploits0References1

Prion•added 2022/12/21 5:15 p.m.•18 views

Xxe

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

5CVSS5.7AI score0.00174EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2022/12/20 4:51 a.m.•6 views

CVE-2022-38655 HCL BigFix WebUI is affected by a missing-permission-check vulnerability

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

6.4CVSS6.5AI score0.00174EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by