CVE-2022-38658

Sažetak

BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator's sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed.

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102117
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0102117

CVSS

Base:	7.7
Impact:	5.8
Exploitability:	1.3

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	HIGH

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:H

Zadnje važnije ažuriranje

15-04-2025 - 15:15

Objavljeno

24-12-2022 - 00:15