HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.