Description
" Insecure password storage issue.The application stores sensitive information in cleartext within a resource that might be accessible to another control sphere.Since the information is stored in cleartext, attackers could potentially read it and gain access to sensitive information."
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095303
Scores
CVSS v3
7.5
EPSS
0.0015
EPSS Percentile
35.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (1)
hcltech/bigfix_insights
10.0 - 10.0.8.0
Published
Mar 04, 2022
Tracked Since
Feb 18, 2026