CVE Vulnerabilities

CVE-2022-38655

Published: Dec 21, 2022 | Modified: Apr 16, 2025
CVSS 3.x
5.8
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

BigFix WebUI non-master operators are missing controls that prevent them from being able to modify the relevance of fixlets or to deploy fixlets from the BES Support external site.

Affected Software

Name Vendor Start Version End Version
Bigfix_webui Hcltech 20 (including) 20 (including)

References