Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcl software hcl bigfix platform vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2023-37519
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. This XSS vulnerability is in the Download Status Report, which is served by the BigFix Server.
Hcl Software Hcl Bigfix Platform
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
6.1
CVSSv3
CVE-2023-37520
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.
Hcl Software Hcl Bigfix Platform
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
5.6
CVSSv4
CVE-2024-42189
HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially weak validation of an API parameter.
Hcl Software Hcl Bigfix Platform
2.1
CVSSv4
CVE-2024-42193
HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. This scenario presents a possibility of man-in-the-middle (MITM) attacks and data exposure as, if exploited, this vulnerability could potentially le...
Hcl Software Hcl Bigfix Platform
4.8
CVSSv4
CVE-2024-42200
HCL BigFix Web Reports might be subject to a Stored Cross-Site Scripting (XSS) attack, due to a potentially weak validation of user input.
Hcl Software Hcl Bigfix Platform
7.8
CVSSv3
CVE-2022-38659
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.
Hcl Software Bigfix Platform
Hcltech Bigfix Platform
6.5
CVSSv3
CVE-2022-42453
There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.
Hcl Software Bigfix Platform
Hcltech Bigfix Platform
7.2
CVSSv3
CVE-2023-45705
An administrative user of WebReports may perform a Server Side Request Forgery (SSRF) exploit through SMTP configuration options.
Hcl Software Bigfix Platform
Hcltech Bigfix Platform
5.4
CVSSv3
CVE-2023-37529
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an malicious user to execute malicious javascript code into a webpage trying to retrieve cookie stored information. This is not the same vulnerability as identified i...
Hcl Software Bigfix Platform
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
5.4
CVSSv3
CVE-2023-37530
A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an malicious user to execute malicious javascript code into a webpage trying to retrieve cookie stored information.
Hcl Software Bigfix Platform
Hcltech Bigfix Platform
Hcltech Bigfix Platform 11.0.0
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
camera
validation
CVE-2025-39395
CVE-2025-39445
andreyk
CVE-2025-4664
ciyashop
eduma
wordpress events calendar registration & tickets
CVE-2025-39376
CVE-2025-43836
CVE-2025-4918
local
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »
Vulmon