Hcltech - Bigfix Webui CVE

Filtered by vendor Hcltech Subscribe

Filtered by product Bigfix Webui

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-28021	1 Hcltech	1 Bigfix Webui	2023-07-27	N/A	7.5 HIGH
The BigFix WebUI uses weak cipher suites.
CVE-2023-28019	1 Hcltech	1 Bigfix Webui	2023-07-27	N/A	8.8 HIGH
Insufficient validation in Bigfix WebUI API App site version < 14 allows an authenticated WebUI user to issue SQL queries via an unparameterized SQL query.

Vulnerabilities (CVE)