GCVE - cpe:2.3:a:hcltechsw:bigfix_bare_osd_metal_server

Approved changes feed: RSS · Atom

cpe:2.3:a:hcltechsw:bigfix_bare_osd_metal_server_webui:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Hcltechsw (`ba9bc489-c06a-5f16-aa3c-2bd0521574c9`)
Product	Bigfix Bare Osd Metal Server Webui (`24307d06-e256-59f6-a9ad-787f3b79d130`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-37523`	vulnerable	2026-06-08 06:08:15.557877	HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags MEDIUM (5.6) Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser. Published: 2024-01-16T17:33:01.755Z Updated: 2025-06-03T19:00:18.411Z Open on db.gcve.eu Reference links https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-37522`	vulnerable	2026-06-08 06:08:15.555751	HCL BigFix OSD Bare Metal Server WebUI is affected by missing or insecure tags MEDIUM (5.6) HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser. Published: 2024-01-16T15:59:35.415Z Updated: 2025-06-16T19:54:19.639Z Open on db.gcve.eu Reference links https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2023-37521`	vulnerable	2026-06-08 06:08:15.555265	HCL BigFix OSD Bare Metal Server WebUI is affected by sensitive information disclosure LOW (2.3) HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack. Published: 2024-01-16T15:55:27.149Z Updated: 2024-10-29T19:21:35.441Z Open on db.gcve.eu Reference links https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Bigfix Bare Osd Metal Server Webui

PURL mappings

Vulnerability references

Contribute