HCL BigFix WebUI Software Distribution is affected by a cross site server request forgery vulnerability
CVE-2023-28023

4.9MEDIUM

Key Information:

Vendor: Hcl Software
Status: Hcl Bigfix Webui Software Distribution
Vendor: CVE Published:; 18 July 2023

🔔 Create Hcl Software Vulnerability Alert

What is CVE-2023-28023?

A cross site request forgery vulnerability in the BigFix WebUI Software Distribution interface site version 44 and before allows an NMO attacker to access files on server side systems (server machine and all the ones in its network).

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HCL BigFix WebUI Software Distribution <=44

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

4.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 18, 2023
Vulnerability Reserved
Mar 10, 2023

JSON

Hcl Software