CVE-2023-45706

Summary

An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the Middle (MITM) exploit through SAML configuration.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareBigFix Platform9.5 - 9.5.23, 10.0 - 10.0.10, 11.0.0 - 11.0.1affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References