CVE-2024-23583
6.7
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
An attacker could potentially intercept credentials via the task manager and perform unauthorized access to the Client Deploy Tool on Windows systems.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| HCL Software | BigFix Platform | 9.5 - 9.5.24, 10 - 10.0.11, 11.0.1 | affected |
Weaknesses
- CWE-522: CWE-522 Insufficiently Protected Credentials
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.