VDB
CVE-2023-26118
CVE-2023-26118
PUBLISHED
CVSS 8.699999809265137 HIGH
In HCL BigFix existieren mehrere Schwachstellen. Diese sind auf Fehler in den Komponenten "angular" sowie "jsonwebtoken" zurückzuführen. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuführen oder Sicherheitsvorkehrungen zu umgehen.
EPSS 0.61% · 70.2th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.61%
70.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedora | Fedora Linux | |
| IBM | IBM MQ 9.0 | |
| IBM | IBM MQ 9.1 | |
| IBM | IBM MQ 9.2 | |
| IBM | IBM Tivoli Business Service Manager 6.2.0 | |
| IBM | IBM Business Automation Workflow | |
| HCL | HCL BigFix |
Timeline
- Mar 30, 2023 CVE Published
- Mar 30, 2023 EPSS Score
- May 7, 2023 EPSS Score
- Jun 14, 2023 EPSS Score
- Aug 30, 2023 EPSS Score
- Oct 7, 2023 EPSS Score
- Nov 14, 2023 EPSS Score
- Dec 22, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Apr 15, 2024 EPSS Score
- May 23, 2024 EPSS Score
- Jun 30, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0967.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0967 advisory
- https://www.ibm.com/support/pages/node/7013499 advisory
- https://www.ibm.com/support/pages/node/7156277 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1208.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1208 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2023-035866b576 advisory
- https://www.ibm.com/support/pages/node/7030667 advisory
- https://www.ibm.com/support/pages/node/7023212 advisory
- https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0104732 advisory