"TLS-RSA cipher suites are not disabled in BigFix Compliance up to v2.0.5. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it."
References
Link | Resource |
---|---|
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0096977 | Mitigation Vendor Advisory |
Configurations
History
12 Mar 2022, 02:05
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.5 |
CWE | CWE-327 | |
CPE | cpe:2.3:a:hcltech:bigfix_compliance:*:*:*:*:*:*:*:* | |
First Time |
Hcltech
Hcltech bigfix Compliance |
|
References | (MISC) https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0096977 - Mitigation, Vendor Advisory |
04 Mar 2022, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-04 22:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-27756
Mitre link : CVE-2021-27756
CVE.ORG link : CVE-2021-27756
JSON object : View
Products Affected
hcltech
- bigfix_compliance
CWE
CWE-327
Use of a Broken or Risky Cryptographic Algorithm