Hcltech Bigfix Compliance
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Hcltech Bigfix Compliance.
By the Year
In 2026 there have been 0 vulnerabilities in Hcltech Bigfix Compliance. Last year, in 2025 Bigfix Compliance had 2 security vulnerabilities published. Right now, Bigfix Compliance is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 0.00 |
| 2024 | 5 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.50 |
It may take a day or so for new Bigfix Compliance vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hcltech Bigfix Compliance Security Vulnerabilities
HCL BigFix Compliance: Temporary File Disclosure via Predictable URLs
CVE-2024-42213
- May 05, 2025
HCL BigFix Compliance is affected by inclusion of temporary files left in the production environment. An attacker might gain access to these files by indexing or retrieved via predictable URLs or misconfigured permissions, leading to information disclosure.
CSRF via missing SameSite attribute in HCL BigFix Compliance
CVE-2024-42212
- May 05, 2025
HCL BigFix Compliance is affected by an improper or missing SameSite attribute. This can lead to Cross-Site Request Forgery (CSRF) attacks, where a malicious site could trick a user's browser into making unintended requests using authenticated sessions.
HCL BigFix Compliance Cookie Secure Flag Missing
CVE-2024-30142
- November 07, 2024
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel.
HCL BigFix Compliance Sensitive Error Disclosure
CVE-2024-30141
- November 07, 2024
HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information. Detailed error messages can provide enticement information or expose information about its environment, users, or associated data.
HCL BigFix Compliance Unvalidated Redirect
CVE-2024-30140
- November 07, 2024
HCL BigFix Compliance is affected by unvalidated redirects and forwards. The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page.
HCL BigFix Compliance Clickjacking via missing X-Frame-Options
CVE-2024-30126
- July 18, 2024
HCL BigFix Compliance is affected by a missing X-Frame-Options HTTP header which can allow an attacker to create a malicious website that embeds the target website in a frame or iframe, tricking users into performing actions on the target website without their knowledge.
HCL BigFix Compliance Server 500 Error May Terminate Process
CVE-2024-30125
- July 18, 2024
HCL BigFix Compliance server can respond with an HTTP status of 500, indicating a server-side error that may cause the server process to die.
"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5
CVE-2021-27756
7.5 - High
- March 04, 2022
"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."
Use of a Broken or Risky Cryptographic Algorithm
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hcltech Bigfix Compliance or by Hcltech? Click the Watch button to subscribe.
