CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37520

Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability identified in BigFix Server version 9.5.12.68, allowing for potential data exfiltration. This XSS vulnerability is in the Gather Status Report, which is served by the BigFix Relay.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.0%

CVSS Severity

CVSS v3 Score 7.7

References

Products affected by CVE-2023-37520

Hcltech » Bigfix Platform » Version: 10.0.0

cpe:2.3:a:hcltech:bigfix_platform:10.0.0
Hcltech » Bigfix Platform » Version: 10.0.2

cpe:2.3:a:hcltech:bigfix_platform:10.0.2
Hcltech » Bigfix Platform » Version: 10.0.5

cpe:2.3:a:hcltech:bigfix_platform:10.0.5
Hcltech » Bigfix Platform » Version: 10.0.7

cpe:2.3:a:hcltech:bigfix_platform:10.0.7
Hcltech » Bigfix Platform » Version: 10.0.8

cpe:2.3:a:hcltech:bigfix_platform:10.0.8
Hcltech » Bigfix Platform » Version: 11.0.0

cpe:2.3:a:hcltech:bigfix_platform:11.0.0
Hcltech » Bigfix Platform » Version: 9.5

cpe:2.3:a:hcltech:bigfix_platform:9.5
Hcltech » Bigfix Platform » Version: 9.5.10

cpe:2.3:a:hcltech:bigfix_platform:9.5.10
Hcltech » Bigfix Platform » Version: 9.5.11

cpe:2.3:a:hcltech:bigfix_platform:9.5.11
Hcltech » Bigfix Platform » Version: 9.5.12

cpe:2.3:a:hcltech:bigfix_platform:9.5.12
Hcltech » Bigfix Platform » Version: 9.5.12.68

cpe:2.3:a:hcltech:bigfix_platform:9.5.12.68
Hcltech » Bigfix Platform » Version: 9.5.13

cpe:2.3:a:hcltech:bigfix_platform:9.5.13
Hcltech » Bigfix Platform » Version: 9.5.14

cpe:2.3:a:hcltech:bigfix_platform:9.5.14
Hcltech » Bigfix Platform » Version: 9.5.15

cpe:2.3:a:hcltech:bigfix_platform:9.5.15
Hcltech » Bigfix Platform » Version: 9.5.18

cpe:2.3:a:hcltech:bigfix_platform:9.5.18
Hcltech » Bigfix Platform » Version: 9.5.2

cpe:2.3:a:hcltech:bigfix_platform:9.5.2
Hcltech » Bigfix Platform » Version: 9.5.20

cpe:2.3:a:hcltech:bigfix_platform:9.5.20
Hcltech » Bigfix Platform » Version: 9.5.21

cpe:2.3:a:hcltech:bigfix_platform:9.5.21
Hcltech » Bigfix Platform » Version: 9.5.3

cpe:2.3:a:hcltech:bigfix_platform:9.5.3
Hcltech » Bigfix Platform » Version: 9.5.5

cpe:2.3:a:hcltech:bigfix_platform:9.5.5
Hcltech » Bigfix Platform » Version: 9.5.6

cpe:2.3:a:hcltech:bigfix_platform:9.5.6
Hcltech » Bigfix Platform » Version: 9.5.7

cpe:2.3:a:hcltech:bigfix_platform:9.5.7
Hcltech » Bigfix Platform » Version: 9.5.9

cpe:2.3:a:hcltech:bigfix_platform:9.5.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37520

Products

Pricing

Contact Us