PT-2024-12629 · Hcl · Hcl Bigfix Bare Osd Metal Server Webui
Published: 2024-01-16 · Updated: 2024-01-23 · CVE-2023-37523
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
HCL BigFix Bare OSD Metal Server WebUI versions 311.19 or lower
Description
The issue is related to missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI, which could allow an attacker to execute a malicious script in the user's browser.
Recommendations
For versions 311.19 or lower, update to a version higher than 311.19 to resolve the issue.
At the moment, there is no information about other specific mitigation measures for this vulnerability.
Fix
XSS
Affected Products
Hcl Bigfix Bare Osd Metal Server Webui