cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-37520,https://securityvulnerability.io/vulnerability/CVE-2023-37520,HCL BigFix Platform is affected by Unathenticated Stored Cross-Site Scripting (XSS),"An unauthenticated stored cross-site scripting (XSS) vulnerability has been identified in BigFix Server version 9.5.12.68. This vulnerability resides in the Gather Status Report feature, which is served by the BigFix Relay. Attackers could exploit this XSS vulnerability to execute arbitrary scripts in the context of an affected user’s browser, leading to potential data exfiltration and unauthorized access to sensitive information. Proper remediation measures are essential to mitigate the risks associated with this vulnerability.",HCL Software,HCL BigFix Platform,7.7,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-12-21T23:15:00.000Z,0
CVE-2023-37519,https://securityvulnerability.io/vulnerability/CVE-2023-37519,HCL BigFix Platform is affected by Unathenticated Stored Cross-Site Scripting (XSS),"An unauthenticated stored Cross-Site Scripting (XSS) vulnerability exists in the Download Status Report feature of the BigFix Server. Attackers can exploit this vulnerability to inject malicious scripts that can be executed in the context of a user's browser, potentially leading to data manipulation and exposure. Immediate action is recommended to secure affected instances and mitigate the risk of exploitation.",HCL Software,HCL BigFix Platform,7.7,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-12-21T22:15:00.000Z,0
CVE-2020-4095,https://securityvulnerability.io/vulnerability/CVE-2020-4095,,"""BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the credentials. 
These credentials can be used to pivot further into the environment. The principle of least privilege should be applied to all BigFix deployments, limiting administrative access.""",HCL Software,"""hcl Bigfix Platform""",6,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2020-07-16T18:27:41.000Z,0