Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix platform vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-27544
BigFix Web Reports authorized users may see SMTP credentials in clear text.
Hcltech Bigfix Platform
NA
CVE-2022-27545
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.
Hcltech Bigfix Platform
3.5
CVSSv2
CVE-2019-4011
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...
Ibm Bigfix Platform
9
CVSSv2
CVE-2019-4013
IBM BigFix Platform 9.5 could allow any authenticated user to upload any file to any location on the server with root privileges. This results in code execution on underlying system with root privileges. IBM X-Force ID: 155887.
Ibm Bigfix Platform
1 EDB exploit
4
CVSSv2
CVE-2019-4058
IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into exposing interface elements and information normally restricted to administrators. IBM X-Force ID: 156570.
Ibm Bigfix Platform
5
CVSSv2
CVE-2019-4061
IBM BigFix Platform 9.2 and 9.5 could allow an malicious user to query the relay remotely and gather information about the updates and fixlets deployed to the associated sites due to not enabling authenticated access. IBM X-Force ID: 156869.
Ibm Bigfix Platform
4.6
CVSSv2
CVE-2021-27767
The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying vulnerabi...
Hcltech Bigfix Platform
2.1
CVSSv2
CVE-2018-2005
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. IBM X-Force ID: 155007
Ibm Bigfix Platform
5
CVSSv2
CVE-2018-1600
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745.
Ibm Bigfix Platform
4.3
CVSSv2
CVE-2020-14254
TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.
Hcltech Bigfix Platform
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »