Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL BigFix Inventory is affected by an access control vulnerability
Vulnerability Description
An improper handling of insufficient permissions or privileges affects HCL BigFix Inventory. An attacker having access via a read-only account can possibly change certain configuration parameters by crafting a specific REST API call.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
不充分权限或特权的处理不恰当
Vulnerability Title
HCL BigFix Inventory 安全漏洞
Vulnerability Description
HCL BigFix Inventory是美国HCL公司的一种软件清单。通过软件合规性和使用管理保持软件审计降低安全风险。 HCL BigFix Inventory存在安全漏洞,该漏洞源于权限不足或特权处理不当。攻击者利用该漏洞可以通过制作特定的 REST API 调用来更改某些配置参数。
CVSS Information
N/A
Vulnerability Type
N/A