CVE-2024-42185

EUVD-2024-39450
BigFix Patch Download Plug-ins are affected by an insecure package which is susceptible to XML injection attacks.  This allows an attacker to exploit this vulnerability by injecting malicious XML content, which can lead to various issues including denial of service and unauthorized access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.5 LOW
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
HCLCNA
2.5 LOW
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
Common Weakness Enumeration
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118565