Lucene search
HistoryOct 11, 2023 - 7:15 a.m.
CVE-2022-44757
bigfix ivr
cryptography
credential exposure
sensitive information
data modification
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
40.6%
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.
Affected configurations
Node
hcltechbigfix_insights_for_vulnerability_remediationRange<2.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hcltech | bigfix_insights_for_vulnerability_remediation | * | cpe:2.3:a:hcltech:bigfix_insights_for_vulnerability_remediation:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-44757
2023-10-11 07:15:09
prion
prion
Design/Logic Flaw
2023-10-11 07:15:00
cnvd
cnvd
vulnrichment
vulnrichment
cvelist
cvelist
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
40.6%
Related for NVD:CVE-2022-44757