Clear Text Disclosure of SMTP Sensitive Data in BigFix Notification Service
CVE-2022-38658 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
BigFix deployments that have installed the Notification Service on Windows are susceptible to disclosing SMTP BigFix operator's sensitive data in clear text. Operators who use Notification Service related content from BES Support are at risk of leaving their SMTP sensitive data exposed.
Learn more about our Web Application Penetration Testing UK.