Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning
Vulnerability Description
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
源验证错误
Vulnerability Title
HCL BigFix SaaS Authentication Service 安全漏洞
Vulnerability Description
HCL BigFix SaaS Authentication Service是印度HCL公司的一个端点管理平台。 HCL BigFix SaaS Authentication Service存在安全漏洞,该漏洞源于未验证Origin标头值,可能导致缓存投毒。
CVSS Information
N/A
Vulnerability Type
N/A