CVE-2022-42453

There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*
cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:24

Type Values Removed Values Added
References () https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102049 - Third Party Advisory () https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102049 - Third Party Advisory
Summary
  • (es) No hay advertencias suficientes cuando un usuario importa un Fixlet. El mensaje de advertencia actualmente supone que el propietario del script es el usuario que inició sesión, con advertencias insuficientes al intentar ejecutar el script.
CVSS v2 : unknown
v3 : 6.5
v2 : unknown
v3 : 6.9

Information

Published : 2022-12-19 11:15

Updated : 2025-04-17 15:15


NVD link : CVE-2022-42453

Mitre link : CVE-2022-42453

CVE.ORG link : CVE-2022-42453


JSON object : View

Products Affected

hcltech

  • bigfix_platform
CWE
CWE-287

Improper Authentication