CVE-2022-38655

Опубликовано: 21 дек. 2022

Источник: nvd

CVSS3: 6.4

CVSS3: 5.8

EPSS Низкий

Описание

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102140
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102140
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:bigfix_webui:20:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00174

Низкий

6.4 Medium

CVSS3

5.8 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284

Связанные уязвимости

GHSA-p6cr-3vwp-qgx2

CVSS3: 5.8

github

около 3 лет назад

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.

EPSS

Процентиль: 39%

0.00174

Низкий

6.4 Medium

CVSS3

5.8 Medium

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-284