Hcltech: >> Bigfix Platform >> 10.0.12 Security Vulnerabilities
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. This scenario presents a possibility of man-in-the-middle (MITM) attacks and data exposure as, if exploited, this vulnerability could potentially lead to unauthorized access.
CVSS Score
2.1
EPSS Score
0.001
Published
2025-04-15
HCL BigFix Web Reports might be subject to a Stored Cross-Site Scripting (XSS) attack, due to a potentially weak validation of user input.
CVSS Score
4.8
EPSS Score
0.001
Published
2025-04-15
HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially weak validation of an API parameter.
CVSS Score
5.6
EPSS Score
0.002
Published
2025-04-15