Vulnerabilities > Hcltech > Bigfix Inventory
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-06 | CVE-2021-27758 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Inventory There is a security vulnerability in login form related to Cross-site Request Forgery which prevents user to login after attacker spam to login and system blocked victim's account. | 6.5 |
| 2022-05-06 | CVE-2021-27759 | Insufficient Verification of Data Authenticity vulnerability in Hcltech Bigfix Inventory This vulnerability arises because the application allows the user to perform some sensitive action without verifying that the request was sent intentionally. | 6.5 |