CVE-2020-14254

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.
References
Configurations

Configuration 1

cpe:2.3:a:hcltech:bigfix_platform:*:*:*:*:*:*:*:*

Information

Published : 2020-12-16 03:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-14254

Mitre link : CVE-2020-14254

Products Affected
No products.
CWE
CWE-1240

Use of a Cryptographic Primitive with a Risky Implementation