Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-1232
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 123911.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
445
VMScore
CVE-2017-1220
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 123860.
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
383
VMScore
CVE-2017-1229
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using ma...
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
445
VMScore
CVE-2017-1230
IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) uses insufficiently random numbers or values in a security context that depends on unpredictable numbers. This weakness may allow malicious users to expose sensitive information by guessing tokens or identifiers. IBM X...
Ibm Bigfix Platform 9.2
Ibm Bigfix Platform 9.5
294
VMScore
CVE-2016-6084
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request.
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform 9.1
668
VMScore
CVE-2019-4012
IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ...
Ibm Bigfix Webui Software Distribution 23
Ibm Bigfix Webui Profile Management 6
NA
CVE-2022-27544
BigFix Web Reports authorized users may see SMTP credentials in clear text.
Hcltech Bigfix Platform
NA
CVE-2022-27545
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.
Hcltech Bigfix Platform
NA
CVE-2023-28019
Insufficient validation in Bigfix WebUI API App site version < 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query.
Hcltech Bigfix Webui
NA
CVE-2023-28020
URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.
Hcltech Bigfix Webui -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »