CVE-2023-37522

Summary

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix OSD Bare Metal Server WebUI<= 311.19affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References