6.8
CVE-2021-27783
- EPSS 0.11%
- Veröffentlicht 25.05.2022 17:15:08
- Zuletzt bearbeitet 21.11.2024 05:58:33
- Quelle psirt@hcl.com
- CVE-Watchlists
- Unerledigt
LoginHCL BigFix Mobile / Modern Client Management is vulnerable to sensitive information exposure
User generated PPKG file for Bulk Enroll may have unencrypted sensitive information exposed.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Hcltech ≫ Bigfix Mobile Version2.0
Hcltech ≫ Bigfix Mobile Version2.1
Hcltech ≫ Bigfix Modern Client Management Version2.0
Hcltech ≫ Bigfix Modern Client Management Version2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.299 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
| psirt@hcl.com | 6.8 | 2.1 | 4.7 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L
|
CWE-311 Missing Encryption of Sensitive Data
The product does not encrypt sensitive or critical information before storage or transmission.