Lucene search
HistoryJul 19, 2022 - 4:15 p.m.
CVE-2022-27545
cve-2022-27545
bigfix
web reports
html injection
security vulnerability
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.7%
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.
Affected configurations
Node
hcltechbigfix_platformRange9.5–9.5.19
ORhcltechbigfix_platformRange10.0–10.0.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| hcltech:bigfix_platform | hcltech bigfix platform | le | 9.5.19 |
| hcltech:bigfix_platform | hcltech bigfix platform | le | 10.0.6 |
CNA Affected
[
{
"product": "HCL BigFix",
"vendor": "HCL Software",
"versions": [
{
"status": "affected",
"version": "9.5, 10.0"
}
]
}
]Social References
More
Related
prion
prion
Input validation
2022-07-19 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-27545
2022-07-19 16:15:08
nessus
nessus
HCL BigFix Multiple Vulnerabilities (KB0098998)
2022-12-15 00:00:00
ibm
ibm
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.7 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
22.7%
Related for CVE-2022-27545