Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain.
History

Thu, 05 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2023-06-22T22:18:21.455Z

Updated: 2024-12-05T17:18:43.710Z

Reserved: 2023-03-10T03:59:29.452Z

Link: CVE-2023-28016

cve-icon Vulnrichment

Updated: 2024-08-02T12:23:30.921Z

cve-icon NVD

Status : Modified

Published: 2023-06-22T23:15:09.343

Modified: 2024-11-21T07:53:56.240

Link: CVE-2023-28016

cve-icon Redhat

No data.