Vulnerabilities
Vulnerable Software
Hcltech:  >> Bigfix Mobile  >> 1.0  Security Vulnerabilities
HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-16
HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-10-16
HCL BigFix Mobile 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-16
The software may be vulnerable to both Un-Auth XML interaction and unauthenticated device enrollment.
CVSS Score
5.3
EPSS Score
0.002
Published
2022-05-27
The Master operator may be able to embed script tag in HTML with alert pop-up display cookie.
CVSS Score
6.6
EPSS Score
0.002
Published
2022-05-27


Contact Us

Shodan ® - All rights reserved