CVE-2022-27544

MEDIUM

Hcltech Bigfix Platform - Insufficiently Protected Credentials

Title source: rule

Description

BigFix Web Reports authorized users may see SMTP credentials in clear text.

References (1)

Scores

CVSS v3 5.0
EPSS 0.0019
EPSS Percentile 40.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Classification

CWE
CWE-522
Status published

Affected Products (1)

hcltech/bigfix_platform < 9.5.19

Timeline

Published Jul 19, 2022
Tracked Since Feb 18, 2026