Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix platform vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-1521
IBM Tivoli Endpoint Manager (for Lifecycle/Power/Patch) Platform and Applications (IBM BigFix Platform 9.2 and 9.5) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pot...
Ibm Bigfix Platform 9.5
Ibm Bigfix Platform 9.2
6.5
CVSSv3
CVE-2016-6084
IBM BigFix Platform could allow an attacker on the local network to crash the BES server using a specially crafted XMLSchema request.
Ibm Bigfix Platform 9.0
Ibm Bigfix Platform 9.1
7.5
CVSSv3
CVE-2018-1600
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745.
Ibm Bigfix Platform
4.3
CVSSv3
CVE-2018-1485
IBM BigFix Platform 9.2.0 up to and including 9.2.14 and 9.5 up to and including 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known t...
Ibm Bigfix Platform
7.5
CVSSv3
CVE-2021-27761
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
Hcltech Bigfix Platform
9.8
CVSSv3
CVE-2021-27762
Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses
Hcltech Bigfix Platform
7.8
CVSSv3
CVE-2021-27765
The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulner...
Hcltech Bigfix Platform
7.8
CVSSv3
CVE-2021-27766
The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerabil...
Hcltech Bigfix Platform
7.8
CVSSv3
CVE-2021-27767
The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerabi...
Hcltech Bigfix Platform
5.4
CVSSv3
CVE-2019-4011
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Ibm Bigfix Platform
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »