HCL BigFix Compliance Temporary File Information Disclosure Vulnerability

Vulnerability

A vulnerability in HCL BigFix Compliance exists due to temporary files being unintentionally left in the production environment. These files could be accessed by an attacker through indexing, predictable URLs, or misconfigured permissions, resulting in unauthorized information disclosure.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information contained within the temporary files.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

5.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

5.9

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

HCL BigFix Compliance Temporary File Information Disclosure Vulnerability

Vulnerability

Impact

Affected Products

HCL BigFix Compliance

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating