Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bigfix vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38655
BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.
Hcltech Bigfix Webui 20
NA
CVE-2022-42451
Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.
Hcltech Bigfix Patch Management
NA
CVE-2023-28012
HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.
Hcltech Bigfix Mobile 3.0
NA
CVE-2023-28014
HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.
Hcltech Bigfix Mobile 3.0
4.3
CVSSv2
CVE-2016-2927
IBM BigFix Remote Control prior to 9.1.3 does not properly restrict the set of available encryption algorithms, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by sniffing the network and performing calculations on encrypted data.
Ibm Bigfix Remote Control
4
CVSSv2
CVE-2016-2928
IBM BigFix Remote Control prior to 9.1.3 allows remote authenticated users to obtain sensitive information by reading error logs.
Ibm Bigfix Remote Control
5
CVSSv2
CVE-2016-2932
IBM BigFix Remote Control prior to 9.1.3 allows remote malicious users to conduct XML injection attacks via unspecified vectors.
Ibm Bigfix Remote Control
6.8
CVSSv2
CVE-2016-2933
Directory traversal vulnerability in IBM BigFix Remote Control prior to 9.1.3 allows remote authenticated administrators to read arbitrary files via a crafted request.
Ibm Bigfix Remote Control
5
CVSSv2
CVE-2016-2935
The broker application in IBM BigFix Remote Control prior to 9.1.3 allows remote malicious users to cause a denial of service via an invalid HTTP request.
Ibm Bigfix Remote Control
5
CVSSv2
CVE-2016-2936
IBM BigFix Remote Control prior to 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors.
Ibm Bigfix Remote Control
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »