📦 Bigfix Compliance

by Hcltech

🔍 What is Bigfix Compliance?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2021-27756

HIGH CVSS 7.5 Mar 4, 2022

This vulnerability in BigFix Compliance allows attackers to decrypt TLS-encrypted network traffic when TLS-RSA cipher suites are enabled without TLS 2.0 and secure ciphers. Attackers can passively rec...

CVE-2023-37525

MEDIUM CVSS 5.3 Jan 28, 2026

This vulnerability in HCL BigFix Compliance allows remote attackers to access sensitive files in the WEB-INF directory, potentially exposing Java class files and configuration data. This could reveal ...

CVE-2024-42213

MEDIUM CVSS 5.3 May 5, 2025

HCL BigFix Compliance leaves temporary files in production environments that attackers can access through predictable URLs or misconfigured permissions. This information disclosure vulnerability affec...

CVE-2024-30141

MEDIUM CVSS 4.7 Nov 7, 2024

HCL BigFix Compliance generates error messages that may leak sensitive information about the system environment, users, or associated data. This vulnerability allows attackers to gather reconnaissance...