exploitDog

CVE-2024-42213

Опубликовано: 05 мая 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

Ссылки

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120961
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hcltech:bigfix_compliance:2.0.12:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-531

Связанные уязвимости

GHSA-9hhm-vpcp-jrc3

CVSS3: 5.3

github

9 месяцев назад

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

EPSS

Процентиль: 25%

0.00084

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-531