Vulnerabilities > Hcltech > Bigfix Webui > 20
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-18 | CVE-2023-28023 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Webui 14/20/44 A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network). | 6.5 |
| 2022-12-21 | CVE-2022-38655 | Unspecified vulnerability in Hcltech Bigfix Webui 20 BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site. | 5.8 |