Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-37521

HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack.

Published

2024-01-16T16:15:10.893

Last Modified

2024-11-21T08:11:51.827

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 2.3 (LOW)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-922

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	hcltechsw	bigfix_bare_osd_metal_server_webui	< 311.28	Yes

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 Vendor Advisory ([email protected])
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)