Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability
Vulnerability Description
BigFix Patch Download Plug-ins are affected by an arbitrary file download vulnerability. It could allow a malicious operator to download files from arbitrary URLs without any proper validation or allowlist controls.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
下载代码缺少完整性检查
Vulnerability Title
HCL BigFix Patch Management 安全漏洞
Vulnerability Description
HCL BigFix Patch Management是美国HCL公司的一个全面的补丁管理解决方案,用于帮助组织有效地管理和部署操作系统和应用程序的安全和非安全补丁。 HCL BigFix Patch Management存在安全漏洞,该漏洞源于包含一个任意文件下载漏洞。
CVSS Information
N/A
Vulnerability Type
N/A