CVE-2023-45715Interpretation Conflict in Bigfix Platform

CWE-436Interpretation Conflict3 documents3 sources
Severity
4.3MEDIUMNVD
CNA3.5
EPSS
0.2%
top 63.64%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Hcltech Bigfix PlatformHCL Software Bigfix Platform
Timeline
PublishedMar 28

Description

The console may experience a service interruption when processing file names with invalid characters.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDhcltech/bigfix_platform9.59.5.24+2
CVEListV5hcl_software/bigfix_platform9.5 - 9.5.23, 10.0 - 10.0.10, 11.0.0 - 11.0.1

🔴Vulnerability Details

2
CVEList
HCL BigFix Platform is susceptible to a Denial of Service attack2024-03-28
GHSA
GHSA-33r2-8g93-5hm2: The console may experience a service interruption when processing file names with invalid characters2024-03-28
CVE-2023-45715 — Interpretation Conflict | cvebase