URL redirection affects BigFix WebUI
CVE-2023-28020

4.7MEDIUM

Key Information:

Vendor: Hcl Software
Status: Hcl Bigfix Webui
Vendor: CVE Published:; 18 July 2023

🔔 Create Hcl Software Vulnerability Alert

What is CVE-2023-28020?

URL redirection in Login page in HCL BigFix WebUI allows malicious user to redirect the client browser to an external site via redirect URL response header.

Affected Version(s)

HCL BigFix WebUI All

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2023
Vulnerability Reserved
Mar 10, 2023