Vulnerability Details CVE-2024-42212
HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery (CSRF) attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 10.4%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2024-42212
-
cpe:2.3:a:hcltech:bigfix_compliance:2.0.12