Lucene search
K
HcltechBigfix Modern Client Management

6 matches found

CVE
CVE
added 2022/05/25 3:20 p.m.74 views

CVE-2021-27783

CVE-2021-27783 concerns HCL Technologies BigFix Mobile/Modern Client Management (versions v2.0 and v2.1). Affected component: PPKG files generated during user Bulk Enroll. Root cause: unencrypted sensitive information exposed within these PPKG files. Impact: information disclosure, enabling expos...

6.8CVSS6.4AI score0.00345EPSS
CVE
CVE
added 2023/12/21 12:32 a.m.56 views

CVE-2023-28025

CVE-2023-28025 affects HCL Technologies BigFix Mobile / Modern Client Management (including v3.1 and prior per multiple sources). The issue is a stored XSS via the ability to inject an SVG tag into HTML, resulting in an alert cookie pop-up. Root cause is improper input handling that allows SVG ma...

6.6CVSS5.1AI score0.00313EPSS
CVE
CVE
added 2025/10/16 8:25 a.m.19 views

CVE-2025-0276

CVE-2025-0276 affects HCL BigFix Modern Client Management (MCM)

6.5CVSS6.4AI score0.00285EPSS
CVE
CVE
added 2025/10/16 4:56 a.m.17 views

CVE-2025-0274

The CVE-2025-0274 entry concerns HCL BigFix Modern Client Management (MCM) with versions 3.3 and earlier. The root cause is improper access control that could permit unauthorized users to access a small subset of endpoint actions, potentially exposing internal functions. The affected product is d...

5.3CVSS6.3AI score0.00245EPSS
CVE
CVE
added 2025/10/16 5:14 a.m.15 views

CVE-2025-0275

HCL BigFix Mobile 3.3 and earlier are affected by improper access control. Multiple connected sources confirm that unauthorized users could access a small subset of endpoint actions, potentially exposing internal functions. The issue is described consistently across Red Hat, NVD, CVE lists, and r...

5.3CVSS6.3AI score0.00245EPSS
CVE
CVE
added 2025/10/16 8:27 a.m.14 views

CVE-2025-0277

CVE-2025-0277 affects HCL BigFix Mobile 3.3 and earlier. The issue arises from insecure directives in the Content Security Policy (CSP) , enabling an attacker to trick users into performing actions by insufficiently restricting sources of scripts and other content. What is vulnerable: CSP configu...

6.5CVSS6.4AI score0.00285EPSS