CVE-2022-44758

Опубликовано: 11 окт. 2023

Источник: nvd

CVSS3: 6.5

CVSS3: 5.3

EPSS Низкий

Описание

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108005
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108005
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:bigfix_insights_for_vulnerability_remediation:*:*:*:*:*:*:*:*

Версия до 2.0.3 (исключая)

EPSS

Процентиль: 29%

0.00106

Низкий

6.5 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-522

Связанные уязвимости

GHSA-8qg5-38vg-2774

CVSS3: 6.5

github

больше 2 лет назад

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.

EPSS

Процентиль: 29%

0.00106

Низкий

6.5 Medium

CVSS3

5.3 Medium

CVSS3

Дефекты

CWE-522