Bigfix remote control
This hub aggregates every CVE we track for Bigfix remote control, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 26
- Critical: 1
- High: 6
- In CISA KEV: 0
Severity distribution
- MEDIUM: 14
- HIGH: 6
- LOW: 5
- CRITICAL: 1
Monthly trend (chart, 2024-07 to 2026-06)
Latest CVEs
The 15 most recently published vulnerabilities affecting Bigfix remote control.
- CVE-2025-55254: HCL BigFix Remote Control is vulnerable to a Path-relative stylesheet import (PRSSI) (score 3.7)
- CVE-2025-59849: HCL BigFix Remote Control is vulnerable to an insecure CSP configuration (score 4.7)
- CVE-2025-31965: HCL BigFix Remote Control is affected by an authorization bypass vulnerability (score 8.2)
- CVE-2015-4953: IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt traffic by leveraging a weakness in its encryption protocol. IB... (score 4.8)
- CVE-2015-4954: IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 improperly allows self-signed certificates, which might allow remote attackers to conduct spoofing attacks via unspecified... (score 5.9)
- CVE-2017-1233: IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privilege... (score 6.7)
- CVE-2016-2930: IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. IBM X-Force ID: 5512. (score 7.5)
- CVE-2016-2932: IBM BigFix Remote Control before 9.1.3 allows remote attackers to conduct XML injection attacks via unspecified vectors. (score 5.3)
- CVE-2016-2963: Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequen... (score 8.8)
- CVE-2016-2948: IBM BigFix Remote Control before 9.1.3 allows local users to discover hardcoded credentials via unspecified vectors. (score 7.8)
- CVE-2016-2936: IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information via unknown vectors. (score 7.3)
- CVE-2016-2935: The broker application in IBM BigFix Remote Control before 9.1.3 allows remote attackers to cause a denial of service via an invalid HTTP request. (score 5.3)
- CVE-2016-2937: IBM BigFix Remote Control before 9.1.3 allows remote attackers to obtain sensitive information or spoof e-mail transmission via a crafted POST request, related to an "untrusted information vulnerab... (score 6.5)
- CVE-2016-2940: Multiple unspecified vulnerabilities in IBM BigFix Remote Control before 9.1.3 allow remote attackers to obtain sensitive information via unknown vectors. (score 5.3)
- CVE-2016-2944: IBM BigFix Remote Control before 9.1.3 does not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. (score 9.8)
Product normalization is registry-driven with AI assist and human review.