CVE-2022-42453

Summary

There are insufficient warnings when a Fixlet is imported by a user. The warning message currently assumes the owner of the script is the logged in user, with insufficient warnings when attempting to run the script.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Platform9.5 - 9.5.20, 10 - 10.0.7affected

Weaknesses

  • n/a

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References