CVE-2022-44758

Summary

BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Insights for Vulnerability Remediation<=2.0.2affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References