Code injection

2022-03-0422:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

51.4%

JSON

“TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.”

CPENameOperatorVersion
bigfix_compliancege2.0
bigfix_compliancelt2.0.6

CPE	Name	Operator	Version
	bigfix_compliance	ge	2.0
	bigfix_compliance	lt	2.0.6

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0096977