CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-30126

HCL BigFix Compliance is affected by a missing X-Frame-Options HTTP header which can allow an attacker to create a malicious website that embeds the target website in a frame or iframe, tricking users into performing actions on the target website without their knowledge.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.0%

CVSS Severity

CVSS v3 Score 4.7

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0113886

Products affected by CVE-2024-30126

Hcltech » Bigfix Compliance » Version: 2.0

cpe:2.3:a:hcltech:bigfix_compliance:2.0
Hcltech » Bigfix Compliance » Version: 2.0.5

cpe:2.3:a:hcltech:bigfix_compliance:2.0.5
Hcltech » Bigfix Compliance » Version: 2.0.6

cpe:2.3:a:hcltech:bigfix_compliance:2.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-30126

Products

Pricing

Contact Us