HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags
CVE-2023-37523

9.8CRITICAL

Key Information:

Vendor: HCL Software Software
Status: HCL Software Bigfix Osd Bare Metal Server Webui
Vendor: CVE Published:; 16 January 2024

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2023-37523?

The HCL BigFix Bare OSD Metal Server WebUI is susceptible to security issues stemming from missing or improperly configured tags. This vulnerability enables potential attackers to exploit the system by executing malicious scripts in the context of the user's browser, which could lead to unauthorized actions or the compromise of sensitive data. Users utilizing version 311.19 or lower of this product should be aware of the risks associated with this flaw and take appropriate measures to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

HCL BigFix OSD Bare Metal Server WebUI <= 311.19

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2024
Vulnerability Reserved
Jul 6, 2023

JSON

HCL Software Software

What is CVE-2023-37523?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.