漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
HCL BigFix Compliance is potentially affected by Oracle database credentials stored at endpoint
Vulnerability Description
Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe consequences such as data breaches, unauthorized data manipulation, and compromised system integrity.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
HCL BigFix Compliance 安全漏洞
Vulnerability Description
HCL Technologies HCL BigFix Compliance是美国HCL Technologies公司的持续监控和应用终端安全设置,以确保符合法规或组织安全策略。 HCL BigFix Compliance 10.0.5.0之前版本存在安全漏洞,该漏洞源于使用用户名和密码进行数据库扫描会将凭据以明文或编码格式存储在端点的文件中,这将导致敏感信息遭到未经授权的访问,并可能导致数据泄露、未经授权的数据操纵。
CVSS Information
N/A
Vulnerability Type
N/A