Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-2935
The broker application in IBM BigFix Remote Control prior to 9.1.3 allows remote malicious users to cause a denial of service via an invalid HTTP request.
Ibm Bigfix Remote Control
5
CVSSv2
CVE-2016-2936
IBM BigFix Remote Control prior to 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors.
Ibm Bigfix Remote Control
6.4
CVSSv2
CVE-2016-2937
IBM BigFix Remote Control prior to 9.1.3 allows remote malicious users to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerability."
Ibm Bigfix Remote Control
5
CVSSv2
CVE-2016-2940
Multiple unspecified vulnerabilities in IBM BigFix Remote Control prior to 9.1.3 allow remote malicious users to obtain sensitive information via unknown vectors.
Ibm Bigfix Remote Control
1.9
CVSSv2
CVE-2016-2943
IBM BigFix Remote Control prior to 9.1.3 allows local users to obtain sensitive information by leveraging unspecified privileges to read a log file.
Ibm Bigfix Remote Control
4.3
CVSSv2
CVE-2016-2951
IBM BigFix Remote Control prior to 9.1.3 does not properly set the default encryption strength, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
Ibm Bigfix Remote Control
4.3
CVSSv2
CVE-2016-2952
IBM BigFix Remote Control prior to 9.1.3 does not enable the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information by leveraging use of HTTP.
Ibm Bigfix Remote Control
6.8
CVSSv2
CVE-2016-2963
Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control prior to 9.1.3 allows remote malicious users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Bigfix Remote Control
NA
CVE-2021-27782
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts.
Hcltech Bigfix Mobile 2.0
NA
CVE-2022-42451
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.
Hcltech Bigfix Patch Management
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »