漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
HCL BigFix Query is affected by a sensitive information disclosure vulnerability in the WebUI Query application
Vulnerability Description
HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names (or IDs). An attacker can use that information to target individuals with phishing or other social-engineering attacks.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
侵犯隐私
Vulnerability Title
HCL BigFix Query 安全漏洞
Vulnerability Description
HCL BigFix Query是印度HCL公司的一个实时查询和收集系统状态数据的模块。 HCL BigFix Query存在安全漏洞,该漏洞源于WebUI Query应用程序中的HTTP GET端点请求返回可发现的响应,可能泄露组名和活动用户名或ID,攻击者可利用该信息进行钓鱼或其他社会工程攻击。
CVSS Information
N/A
Vulnerability Type
N/A