CVE-2023-37521

Summary

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix OSD Bare Metal Server WebUI<= 311.19affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References