Hcltech Bigfix Insights For Vulnerability Remediation — known CVE vulnerabilities
Every CVE whose affected-product data names Hcltech Bigfix Insights For Vulnerability Remediation, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-44757 — CVSS 6.5 (medium): BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain…
CVE-2022-44758 — CVSS 6.5 (medium): BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that…
CVE-2025-31963 — CVSS 2.9 (low): Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local…
CVE-2025-31964 — CVSS 2.2 (low): Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact…
CVE-2025-31962 — CVSS 2.0 (low): Insufficient session expiration in the Web UI authentication component in HCL BigFix IVR version 4.2 allows an authenticated attacker to…