Bigfix Insights For Vulnerability Remediation CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-31963	1 Hcltech	1 Bigfix Insights For Vulnerability Remediation	2026-01-22	2.9 Low
Improper authentication and missing CSRF protection in the local setup interface component in HCL BigFix IVR version 4.2 allows a local attacker to perform unauthorized configuration changes via unauthenticated administrative configuration requests.
CVE-2025-31964	1 Hcltech	1 Bigfix Insights For Vulnerability Remediation	2026-01-21	2.2 Low
Improper service binding configuration in internal service components in HCL BigFix IVR version 4.2 allows a privileged attacker to impact service availability via exposure of administrative services bound to external network interfaces instead of the local authentication interface.
CVE-2022-44758	1 Hcltech	1 Bigfix Insights For Vulnerability Remediation	2024-11-21	6.5 Medium
BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.
CVE-2022-44757	1 Hcltech	1 Bigfix Insights For Vulnerability Remediation	2024-11-21	6.5 Medium
BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.

Page 1 of 1.