The following key information about the vulnerabilities can be obtained from this web page screenshot:

1. Vulnerability name: HCL BigFix Compliance is affected by multiple security vulnerabilities
2. CVE IDs:
   - CVE-2024-30140
   - CVE-2024-30141
   - CVE-2024-30142
3. Description:
   - CVE-2024-30140: HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.
   - CVE-2024-30141: HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticing information or expose information about its environment, users, or associated data.
   - CVE-2024-30142: HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.
4. CVSS Base Score:
   - CVE-2024-30140: 5.4
   - CVE-2024-30141: 4.7
   - CVE-2024-30142: 3.8
5. Affected product and version: HCL BigFix Compliance v2.0.11
6. Remediation/fix: The article does not describe the remediation/fix in detail.

This information can help users understand the security vulnerabilities in HCL BigFix Compliance and their scope of impact, and take the corresponding remediation measures.