Server-Side Error in Windows Server Leads to Server Process Death
CVE-2024-30125

6.2MEDIUM

Key Information:

Vendor: Hcl Software
Status: Bigfix Compliance
Vendor: CVE Published:; 18 July 2024

Summary

A vulnerability exists in the HCL BigFix Compliance server that can lead to instances where the server reacts to certain requests with an HTTP status of 500. This status indicates a server-side error, which may result in interruptions in service or complete server process termination. Such behavior can make the affected system susceptible to denial-of-service conditions, potentially affecting organizations relying on the platform for compliance management and other functions. It is crucial for users to monitor their systems and apply recommended best practices to mitigate such vulnerabilities.

Affected Version(s)

BigFix Compliance 2.0.x

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_a...

CVSS V3.1

Score:

6.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 18, 2024
Vulnerability Reserved
Mar 22, 2024