CVE-2024-42213 | THREATINT

Description

HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.

PUBLISHED Reserved 2024-07-29 | Published 2025-05-05 | Updated 2025-05-05 | Assigner HCL

MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-531 Inclusion of Sensitive Information in Test Code

Product status

Default status

unaffected

2.0.12

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0120961

cve.org (CVE-2024-42213)

nvd.nist.gov (CVE-2024-42213)

Download JSON