CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14248

BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.1%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2020-14248

Hcltech » Bigfix Platform » Version: 10

cpe:2.3:a:hcltech:bigfix_platform:10
Hcltech » Bigfix Platform » Version: 10.0.0

cpe:2.3:a:hcltech:bigfix_platform:10.0.0
Hcltech » Bigfix Platform » Version: 10.0.2

cpe:2.3:a:hcltech:bigfix_platform:10.0.2
Hcltech » Bigfix Platform » Version: 9.0.0

cpe:2.3:a:hcltech:bigfix_platform:9.0.0
Hcltech » Bigfix Platform » Version: 9.2

cpe:2.3:a:hcltech:bigfix_platform:9.2
Hcltech » Bigfix Platform » Version: 9.2.19

cpe:2.3:a:hcltech:bigfix_platform:9.2.19
Hcltech » Bigfix Platform » Version: 9.5

cpe:2.3:a:hcltech:bigfix_platform:9.5
Hcltech » Bigfix Platform » Version: 9.5.10

cpe:2.3:a:hcltech:bigfix_platform:9.5.10
Hcltech » Bigfix Platform » Version: 9.5.11

cpe:2.3:a:hcltech:bigfix_platform:9.5.11
Hcltech » Bigfix Platform » Version: 9.5.12

cpe:2.3:a:hcltech:bigfix_platform:9.5.12
Hcltech » Bigfix Platform » Version: 9.5.12.68

cpe:2.3:a:hcltech:bigfix_platform:9.5.12.68
Hcltech » Bigfix Platform » Version: 9.5.13

cpe:2.3:a:hcltech:bigfix_platform:9.5.13
Hcltech » Bigfix Platform » Version: 9.5.14

cpe:2.3:a:hcltech:bigfix_platform:9.5.14
Hcltech » Bigfix Platform » Version: 9.5.15

cpe:2.3:a:hcltech:bigfix_platform:9.5.15
Hcltech » Bigfix Platform » Version: 9.5.18

cpe:2.3:a:hcltech:bigfix_platform:9.5.18
Hcltech » Bigfix Platform » Version: 9.5.2

cpe:2.3:a:hcltech:bigfix_platform:9.5.2
Hcltech » Bigfix Platform » Version: 9.5.20

cpe:2.3:a:hcltech:bigfix_platform:9.5.20
Hcltech » Bigfix Platform » Version: 9.5.21

cpe:2.3:a:hcltech:bigfix_platform:9.5.21
Hcltech » Bigfix Platform » Version: 9.5.23

cpe:2.3:a:hcltech:bigfix_platform:9.5.23
Hcltech » Bigfix Platform » Version: 9.5.24

cpe:2.3:a:hcltech:bigfix_platform:9.5.24
Hcltech » Bigfix Platform » Version: 9.5.25

cpe:2.3:a:hcltech:bigfix_platform:9.5.25
Hcltech » Bigfix Platform » Version: 9.5.3

cpe:2.3:a:hcltech:bigfix_platform:9.5.3
Hcltech » Bigfix Platform » Version: 9.5.5

cpe:2.3:a:hcltech:bigfix_platform:9.5.5
Hcltech » Bigfix Platform » Version: 9.5.6

cpe:2.3:a:hcltech:bigfix_platform:9.5.6
Hcltech » Bigfix Platform » Version: 9.5.7

cpe:2.3:a:hcltech:bigfix_platform:9.5.7
Hcltech » Bigfix Platform » Version: 9.5.9

cpe:2.3:a:hcltech:bigfix_platform:9.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14248

Products

Pricing

Contact Us