Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
HcltechBigfix Compliance

3 matches found

CVE
CVEadded 2025/05/05 7:15 p.m.46 views

CVE-2024-42212

HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery (CSRF) attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions.

5.4CVSS5.4AI score0.00038EPSS
CVE
CVEadded 2024/11/07 9:15 a.m.44 views

CVE-2024-30140

HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.

5.4CVSS5.4AI score0.00059EPSS
CVE
CVEadded 2025/05/05 7:15 p.m.42 views

CVE-2024-42213

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

5.3CVSS5.2AI score0.00045EPSS