Bigfix Platform
by HCL Software
CVEs (26)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-38659 | 0.00 | — | 0.00 | Dec 17, 2022 | In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent. | |||
| CVE-2021-27767 | 0.00 | — | 0.00 | May 6, 2022 | The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying… | |||
| CVE-2021-27766 | 0.00 | — | 0.00 | May 6, 2022 | The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying… | |||
| CVE-2021-27765 | 0.00 | — | 0.00 | May 6, 2022 | The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying… | |||
| CVE-2021-27762 | 0.00 | — | 0.01 | May 6, 2022 | Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses | |||
| CVE-2021-27761 | 0.00 | — | 0.00 | May 6, 2022 | Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks |
- CVE-2022-38659Dec 17, 2022risk 0.00cvss —epss 0.00
In specific scenarios, on Windows the operator credentials may be encrypted in a manner that is not completely machine-dependent.
- CVE-2021-27767May 6, 2022risk 0.00cvss —epss 0.00
The BigFix Console installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying…
- CVE-2021-27766May 6, 2022risk 0.00cvss —epss 0.00
The BigFix Client installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying…
- CVE-2021-27765May 6, 2022risk 0.00cvss —epss 0.00
The BigFix Server API installer is created with InstallShield, which was affected by CVE-2021-41526, a vulnerability that could allow a local user to perform a privilege escalation. This vulnerability was resolved by updating to an InstallShield version with the underlying…
- CVE-2021-27762May 6, 2022risk 0.00cvss —epss 0.01
Misconfigured security-related HTTP headers: Several security-related headers were missing or mis-configured on the web responses
- CVE-2021-27761May 6, 2022risk 0.00cvss —epss 0.00
Weak web transport security (Weak TLS): An attacker may be able to decrypt the data using attacks
Page 2 of 2