Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech modern client management vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Hcltech Bigfix Modern Client Management 2.0
Hcltech Bigfix Modern Client Management 2.1
Hcltech Bigfix Mobile 2.1
Hcltech Bigfix Mobile 2.0
5.3
CVSSv3
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
4.8
CVSSv3
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
4.8
CVSSv3
CVE-2023-28025
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before the...
Hcltech Bigfix Modern Client Management
7.5
CVSSv3
CVE-2021-27782
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts.
Hcltech Bigfix Mobile 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started