Design/Logic Flaw

2023-06-2222:15:00

PRIOn knowledge base

www.prio-n.com

clickjacking

hcl bigfix

bare metal server

vulnerability

redirect

user tricking

6.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

19.9%

JSON

A clickjacking vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to use transparent or opaque layers to trick a user into clicking on a button or link on another page to perform a redirect to an attacker-controlled domain.

CPENameOperatorVersion
bigfix_osd_bare_metal_serverle311.12

CPE	Name	Operator	Version
	bigfix_osd_bare_metal_server	le	311.12

References

support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0105601