HCL BigFix Patch Download Plug-ins XML Injection Vulnerability Allowing Denial-of-Service and Unauthorized Access

Vulnerability

A vulnerability exists in the BigFix Patch Download Plug-ins due to an insecure package that allows for XML injection attacks. This flaw enables an attacker to inject malicious XML content, potentially leading to denial-of-service conditions and unauthorized access.

Impact

Exploitation of this vulnerability could result in denial-of-service conditions and unauthorized access.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL BigFix Patch Download Plug-ins XML Injection Vulnerability Allowing Denial-of-Service and Unauthorized Access

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating