Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-44758
HistoryOct 11, 2023 - 7:15 a.m.

CVE-2022-44758

2023-10-1107:15:09
CWE-522
[email protected]
web.nvd.nist.gov
1
bigfix insights
ivr fixlet
improper credential handling
attacker access
unauthorized information

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.

Affected configurations

NVD
Node
hcltechbigfix_insights_for_vulnerability_remediationRange<2.0.3

Related

prion 1
cve 1
cvelist 1
gentoo 1
nessus 1
prion
prion
Input validation
2023-10-11 07:15:00
cve
cve
CVE-2022-44758
2023-10-11 07:15:09
cvelist
cvelist
CVE-2022-44758 HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper credential handling
2023-10-11 06:00:38
gentoo
gentoo
Heimdal: Multiple Vulnerabilities
2023-10-08 00:00:00
nessus
nessus
GLSA-202310-06 : Heimdal: Multiple Vulnerabilities
2023-10-08 00:00:00

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

6.8 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for NVD:CVE-2022-44758
prion1cve1cvelist1gentoo1nessus1