Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks
Vulnerability Description
BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks. This allows an attacker to exploit this vulnerability by injecting malicious XML content, which can lead to various issues including denial of service and unauthorized access.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
HCL BigFix Patch Management 代码问题漏洞
Vulnerability Description
HCL BigFix Patch Management是美国HCL公司的一个全面的补丁管理解决方案,用于帮助组织有效地管理和部署操作系统和应用程序的安全和非安全补丁。 HCL BigFix Patch Management存在安全漏洞,该漏洞源于包含一个易受 XML 注入攻击的不安全软件包。
CVSS Information
N/A
Vulnerability Type
N/A