The HCL BigFix Inventory server is vulnerable to path traversal which enables an attacker to read internal application files from the Inventory server. The BigFix Inventory server does not properly restrict the served static file.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2024-04-03T16:32:51.950Z
Updated: 2024-08-01T23:06:25.219Z
Reserved: 2024-01-18T07:29:48.046Z
Link: CVE-2024-23540
Vulnrichment
Updated: 2024-08-01T23:06:25.219Z
NVD
Status : Awaiting Analysis
Published: 2024-04-03T17:15:50.450
Modified: 2024-07-12T16:11:24.643
Link: CVE-2024-23540
Redhat
No data.