CVE-2021-27756

Summary

"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."

Affected Software

VendorProductVersion RangeStatus
n/a“BigFix Compliance Server”"BigFix Compliance Server 2.0 - 2.0.5"affected

Weaknesses

  • "Sensitive Data Exposure"

ADP Enrichment

CVE Program Container

Additional References

References