CVE-2022-38655 HCL BigFix WebUI is affected by a missing-permission-check vulnerability

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site...

PT-2022-24505 · Ibm · Bigfix Webui

Name of the Vulnerable Software and Affected Versions: BigFix WebUI affected versions not specified Description: The issue concerns BigFix WebUI non-master operators who are missing necessary controls. These operators can modify the relevance of fixlets or deploy fixlets from the BES Support...

CVE-2021-27764 HCL BigFix WebUI Cookie missing attributes

Cookie without HTTPONLY flag set. NUMBER cookies was set without Secure or HTTPOnly flags. The images show the cookie with the missing flag. WebUI...

CVE-2019-4012

IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 155886...

IBM BigFix WebUI Software Distribution and IBM BigFix WebUI Profile Management SQL Injection Vulnerabilities

IBM BigFix WebUI Software Distribution and IBM BigFix WebUI Profile Management are both products of IBM Corporation of the U.S.A. IBM BigFix WebUI Software Distribution is a software distribution application.IBM BigFix WebUI Profile Management is a configuration management application. IBM BigFix...