HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. Β An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names (or IDs). Β An attacker can use that information to target individuals with phishing or other social-engineering attacks.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanationCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1 reference(s) from NVD