CNNVD-202601-4685 Information
Jan 28, 2026
cve
CNNVD ID
CNNVD-202601-4685
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
HCL BigFix Compliance是印度HCL公司的持续监控和应用终端安全设置,以确保符合法规或组织安全策略。 HCL BigFix Compliance存在安全漏洞,该漏洞源于远程攻击者可访问WEB-INF目录下的文件,可能导致未经授权访问应用程序内部信息。
Description (English)
HCL BigFix Compliance is an ongoing HCL and application terminal security facility to ensure compliance with regulations or organizational security strategies. There is a security loophole in HCL BigFix Compliance, which results from remote attackers having access to documents in the WEB-INF directory, which may result in unauthorized access to internal information in the application.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
HCL
Published
2026-01-28
Last Modified
2026-02-24
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128385
Patch
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128385
Share on: