exploitDog

CVE-2023-28012

Опубликовано: 27 июл. 2023

Источник: nvd

CVSS3: 5.4

CVSS3: 8.8

EPSS Низкий

Описание

HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.

Ссылки

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106372
Vendor Advisory
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106372
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:bigfix_mobile:3.0:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00499

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-77

Связанные уязвимости

GHSA-fwmc-89r4-x328

CVSS3: 6.6

github

больше 2 лет назад

HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.

EPSS

Процентиль: 65%

0.00499

Низкий

5.4 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-77