Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hcltech modern client management vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-27783
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Hcltech Bigfix Modern Client Management 2.0
Hcltech Bigfix Modern Client Management 2.1
Hcltech Bigfix Mobile 2.1
Hcltech Bigfix Mobile 2.0
4.8
CVSSv3
CVE-2021-27781
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
5.3
CVSSv3
CVE-2021-27780
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
Hcltech Modern Client Management
Hcltech Bigfix Mobile
4.8
CVSSv3
CVE-2023-28025
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before the...
Hcltech Bigfix Modern Client Management
7.5
CVSSv3
CVE-2021-27782
HCL BigFix Mobile / Modern Client Management Admin and Config UI passwords can be brute-forced. User should be locked out for multiple invalid attempts.
Hcltech Bigfix Mobile 2.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started