← back
CVE-2022-44757

HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to weak cryptography

CVSS 6.5 MEDIUMEPSS 0.3%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.5EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
11 Oct 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected products
HCL Software · BigFix Insights for Vulnerability Remediation

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108005