Vulnerability Details CVE-2022-38658
BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator's sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v3 Score 7.7
References
Products affected by CVE-2022-38658
-
cpe:2.3:a:hcltech:bigfix_server_automation:*
-
cpe:2.3:o:microsoft:windows:-