Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
HcltechBigfix Compliance2.0.11

3 matches found

CVE
CVEadded 2024/11/07 9:15 a.m.44 views

CVE-2024-30140

HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.

5.4CVSS5.4AI score0.00056EPSS
CVE
CVEadded 2024/11/07 9:15 a.m.44 views

CVE-2024-30141

HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticement information or expose information about its environment, users, or associated data.

4.7CVSS4.6AI score0.00068EPSS
CVE
CVEadded 2024/11/07 9:15 a.m.39 views

CVE-2024-30142

HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.

3.8CVSS4.1AI score0.00021EPSS