Vulnerabilities > Hcltech

DATE	CVE	VULNERABILITY TITLE	RISK
2023-07-27	CVE-2023-28012	Command Injection vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a command injection attack. network low complexity hcltech CWE-77	8.8
2023-07-27	CVE-2023-28014	Cross-site Scripting vulnerability in Hcltech Bigfix Mobile 3.0 HCL BigFix Mobile is vulnerable to a cross-site scripting attack. network low complexity hcltech CWE-79	5.4
2023-07-26	CVE-2023-28013	Cross-site Scripting vulnerability in Hcltech Verse HCL Verse is susceptible to a Reflected Cross Site Scripting (XSS) vulnerability. network low complexity hcltech CWE-79	6.1
2023-07-18	CVE-2023-28023	Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Bigfix Webui 14/20/44 A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network). network low complexity hcltech CWE-352	6.5
2023-07-18	CVE-2023-28020	Open Redirect vulnerability in Hcltech Bigfix Webui URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header. network low complexity hcltech CWE-601	6.1
2023-07-18	CVE-2023-28021	Inadequate Encryption Strength vulnerability in Hcltech Bigfix Webui The BigFix WebUI uses weak cipher suites. network low complexity hcltech CWE-326	7.5
2023-07-18	CVE-2023-28019	SQL Injection vulnerability in Hcltech Bigfix Webui Insufficient validation in Bigfix WebUI API App site version < 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query. network low complexity hcltech CWE-89	8.8
2023-06-23	CVE-2023-23344	Incorrect Default Permissions vulnerability in Hcltech Bigfix Webui Insights 14 A permission issue in BigFix WebUI Insights site version 14 allows an authenticated, unprivileged operator to access an administrator page. network low complexity hcltech CWE-276	6.5
2023-06-22	CVE-2023-28006	Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hcltech Bigfix OSD Bare Metal Server 311.12 The OSD Bare Metal Server uses a cryptographic algorithm that is no longer considered sufficiently secure. local low complexity hcltech CWE-327	7.8
2023-06-22	CVE-2023-28016	Injection vulnerability in Hcltech Bigfix OSD Bare Metal Server 311.12 Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain. network low complexity hcltech CWE-74	6.1

Vulnerabilities > Hcltech {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hcltech"}]}

Vulnerabilities > Hcltech