CVE-2023-45715 - Vulnerability Details - OpenCVE

The console may experience a service interruption when processing file names with invalid characters.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00156.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Hcltech	Bigfix Platform

Configuration 1 [-]

OR	cpe:2.3:a:hcltech:bigfix_platform::::::::
	cpe:2.3:a:hcltech:bigfix_platform::::::::
	cpe:2.3:a:hcltech:bigfix_platform::::::::

No data.

No data.

References

Link	Providers
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972

History

Thu, 08 Jan 2026 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hcltech Hcltech bigfix Platform
CPEs		cpe:2.3:a:hcltech:bigfix_platform::::::::
Vendors & Products		Hcltech Hcltech bigfix Platform

Tue, 19 Nov 2024 19:15:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-436
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2024-03-28T14:26:32.839Z

Updated: 2024-11-19T19:04:30.189Z

Reserved: 2023-10-10T21:26:10.162Z

Link: CVE-2023-45715

Vulnrichment

Updated: 2024-08-02T20:29:31.232Z

NVD

Status : Analyzed

Published: 2024-03-28T15:15:45.983

Modified: 2026-01-08T18:43:55.323

Link: CVE-2023-45715

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45715", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "state": "PUBLISHED", "assignerShortName": "HCL", "dateReserved": "2023-10-10T21:26:10.162Z", "datePublished": "2024-03-28T14:26:32.839Z", "dateUpdated": "2024-11-19T19:04:30.189Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "BigFix Platform", "vendor": "HCL Software", "versions": [{"status": "affected", "version": "9.5 - 9.5.23, 10.0 - 10.0.10, 11.0.0 - 11.0.1"}]}], "datePublic": "2024-03-28T04:10:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The console may experience a service interruption when processing file names with invalid characters.</span><br>"}], "value": "The console may experience a service interruption when processing file names with invalid characters.\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2024-03-28T14:26:32.839Z"}, "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972"}], "source": {"discovery": "UNKNOWN"}, "title": "HCL BigFix Platform is susceptible to a Denial of Service attack", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-436", "lang": "en", "description": "CWE-436 Interpretation Conflict"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-03-28T15:59:51.457800Z", "id": "CVE-2023-45715", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-19T19:04:30.189Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:31.232Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:31.232Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-45715", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-28T15:59:51.457800Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-436", "description": "CWE-436 Interpretation Conflict"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:38.472Z"}}], "cna": {"title": "HCL BigFix Platform is susceptible to a Denial of Service attack", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.5, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "HCL Software", "product": "BigFix Platform", "versions": [{"status": "affected", "version": "9.5 - 9.5.23, 10.0 - 10.0.10, 11.0.0 - 11.0.1"}], "defaultStatus": "unaffected"}], "datePublic": "2024-03-28T04:10:00.000Z", "references": [{"url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "The console may experience a service interruption when processing file names with invalid characters.\n", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The console may experience a service interruption when processing file names with invalid characters.</span><br>", "base64": false}]}], "providerMetadata": {"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "shortName": "HCL", "dateUpdated": "2024-03-28T14:26:32.839Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45715", "state": "PUBLISHED", "dateUpdated": "2024-11-19T19:04:30.189Z", "dateReserved": "2023-10-10T21:26:10.162Z", "assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc", "datePublished": "2024-03-28T14:26:32.839Z", "assignerShortName": "HCL"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8477E2A-0466-4415-9420-9D1183AF9FA3", "versionEndExcluding": "9.5.24", "versionStartIncluding": "9.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "35E5DFF7-4361-4A0C-A028-38FBF2A779F7", "versionEndExcluding": "10.0.11", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "D1BA1361-B9BD-4D26-B2FF-672CA7D3ABA5", "versionEndIncluding": "11.0.1", "versionStartIncluding": "11.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The console may experience a service interruption when processing file names with invalid characters.\n"}, {"lang": "es", "value": "La consola puede experimentar una interrupci\u00f3n del servicio al procesar nombres de archivos con caracteres no v\u00e1lidos."}], "id": "CVE-2023-45715", "lastModified": "2026-01-08T18:43:55.323", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "psirt@hcl.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-03-28T15:15:45.983", "references": [{"source": "psirt@hcl.com", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0111972"}], "sourceIdentifier": "psirt@hcl.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-436"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}