CVE-2024-42189: HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack
5.6
CVSS
Description
HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially weak validation of an API parameter.
Classification
CVE ID: CVE-2024-42189
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.6
CVSS Vector: CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Problem Types
CWE-1287 Improper Validation of Specified Type of InputAffected Products
Vendor: HCL Software
Product: HCL BigFix Platform
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.06% (probability of being exploited)
EPSS Percentile: 18.4% (scored less or equal to compared to others)
EPSS Date: 2025-04-18 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-42189https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120585