exploitDog

GHSA-9hhm-vpcp-jrc3

Опубликовано: 05 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

Ссылки

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-531

Связанные уязвимости

CVE-2024-42213

CVSS3: 5.3

nvd

9 месяцев назад

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-531