Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech bigfix mobile vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Hcltech Bigfix Modern Client Management 2.0
Hcltech Bigfix Modern Client Management 2.1
Hcltech Bigfix Mobile 2.1
Hcltech Bigfix Mobile 2.0
3.5
CVSSv2
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
5
CVSSv2
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
NA
CVE-2023-28014
HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.
Hcltech Bigfix Mobile 3.0
NA
CVE-2023-28012
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.
Hcltech Bigfix Mobile 3.0
NA
CVE-2021-27782
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts.
Hcltech Bigfix Mobile 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started