"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the credentials. These credentials can be used to pivot further into the environment. The principle of least privilege should be applied to all BigFix deployments, limiting administrative access."
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: HCL
Published: 2020-07-16T18:27:41
Updated: 2024-08-04T07:52:20.964Z
Reserved: 2019-12-30T00:00:00
Link: CVE-2020-4095
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-07-16T19:15:12.097
Modified: 2024-11-21T05:32:16.897
Link: CVE-2020-4095
Redhat
No data.