CVE-2023-45706 LOW

CVE-2023-45706: HCL BigFix Platform is susceptible to Cross Site Scripting (XSS) and/or Man in the Middle (MITM) attack

Vendor Hcl Software
Product BigFix Platform
Published March 28, 2024
Last update November 7, 2024

CVSS base score

2.0/10
Attack vector Network
Attack complexity High
Privileges required High
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.

Key dates

02Disclosure timeline

March 28, 2024 CVE published
November 7, 2024 Record updated