Schadcode Attack on Endpoint Management Platform HCL BigFix Application

Endpoint Management Platform HCL BigFix is ​​a versatile service. Administrators also made updates to the attacks along with the updates to the system. Über eine “critical” Enable Schadcode on the computer.

Anzeige

Mehrere Lücken geschlossen

Wie aus einer Warnmeldung hervorgehtIt allows you to have various software components of WebUI. Insgesamt pregnant die Entwickler an, 13 Lücken geschlossen zu haben. Am gefährlichsten gilded eine Lücke (CVE-2024-38996 “critical“) You can use Schadcode kommen using Angreifer Instanzen via DoS-Attacke. Therefore, a system can be created for regular harmonization of the System. An attack cannot be carried out with an Attack and Detail, it is nothing .

Zwei Lücken is located in Bedrohungsgrad “idiot” eingestuft (CVE-2024-45590, CVE-2024-45296). A prepared agreement can be made with Anfragen DoS-Zustände erzeugen. Die verb Schwachstellen sind mit “Mittel” Eingestuft. More information may have been leaked.

Sicherheits updates

Attacks and Administrators can perform ad-hoc attacks on the fly and gain nothing for HCLSoftware. For Administrators in System Administration, WebUI Sicherstellen, current versions are available in the installation of the following Components:

• Application Management 36
• Joint 93
• Special 46
• Analysis 26
• Patch 48
• IVR 16
• Patch Policies 42
• Profile Management 29
• Query 40
• Software Distribution 50
• WebUI API 27
• WebUI Content Application 24
• WebUI CMEP 18
• WebUI Data Synchronization 32
• WebUI Framework 30
• WebUI MDM 21
• WebUI Permissions and Preferences 23
• WebUI Reports 20
• WebUI Take Action 33
• WebUI SCM 16
• WebUI Extensions 9

(des)