What is CVE-2020-4095?

CVE-2020-4095 is a medium-severity vulnerability in Hcltech Bigfix_platform, classified under Cleartext Storage of Sensitive Information. CVSS score: 6.0/10. Published 2020-07-16.

How severe is CVE-2020-4095?

Medium severity. CVSS v3 base score is 6.0 out of 10.

Vulnerability in Hcltech Bigfix_platform

CVE-2020-4095

"BigFix Platform is storing clear text credentials within the system's memory. An attacker who is able to gain administrative privileges can use a program to create a memory dump and extract the credentials. These credentials can be used t…

EPSS: 0.002 (9.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.0 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N.

Affected products

Hcltech Bigfix_platform
N/a "Hcl Bigfix Platform" — versions "v9.2 - 9.2.19, v9.5 - 9.5.15"

Weakness classification (CWE)

CWE-312 — Cleartext Storage of Sensitive Information
CWE-522 — Insufficiently Protected Credentials

References

psirt@hcl.com (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2020-4095?: CVE-2020-4095 is a medium-severity vulnerability in Hcltech Bigfix_platform, classified under Cleartext Storage of Sensitive Information. CVSS score: 6.0/10. Published 2020-07-16.
How severe is CVE-2020-4095?: Medium severity. CVSS v3 base score is 6.0 out of 10.