CVE-2024-42193 | THREATINT

Description

HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling of SSL certificate validation. This scenario presents a possibility of man-in-the-middle (MITM) attacks and data exposure as, if exploited, this vulnerability could potentially lead to unauthorized access.

PUBLISHED Reserved 2024-07-29 | Published 2025-04-15 | Updated 2025-04-15 | Assigner HCL

LOW: 2.1CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Problem types

CWE-295 Improper Certificate Validation

Product status

Default status

unaffected

10.0 - 10.0.12; 11.0.0 - 11.0.3

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0120585

cve.org (CVE-2024-42193)

nvd.nist.gov (CVE-2024-42193)

Download JSON