CVE-2023-37523

Sažetak

Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser.

Reference

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754

CVSS

Base:	5.6
Impact:	3.4
Exploitability:	2.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
LOW	LOW	LOW

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Zadnje važnije ažuriranje

03-06-2025 - 19:15

Objavljeno

16-01-2024 - 18:15