CVE-2023-2802118.07.2023, 19:15The BigFix WebUI uses weak cipher suites. EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST5.9 MEDIUMNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NHCLCNA5.9 MEDIUMNETWORKHIGHNONECVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NCVEADP------CISA-ADPADP------Base ScoreCVSS 3.xEPSS ScorePercentile: 31%VendorProductVersionhcltechbigfix_webui-𝑥= Vulnerable software versionsCommon Weakness EnumerationCWE-326 - Inadequate Encryption StrengthThe software stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.Referenceshttps://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0106123