Vulnerability Details CVE-2022-42453
There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 6.9
References
Products affected by CVE-2022-42453
-
cpe:2.3:a:hcltech:bigfix_platform:10.0.0
-
cpe:2.3:a:hcltech:bigfix_platform:10.0.2
-
cpe:2.3:a:hcltech:bigfix_platform:10.0.5
-
cpe:2.3:a:hcltech:bigfix_platform:10.0.7
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.10
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.11
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.12
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.12.68
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.13
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.14
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.15
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.18
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.2
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.20
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.3
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.5
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.6
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.7
-
cpe:2.3:a:hcltech:bigfix_platform:9.5.9