CVE-2024-30142 Information

Description

HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set cookies may be stolen by an attacker using XSS resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.

Reference

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0117197