BigFix WebUI new release available! (December 2022)

HCL Software is pleased to announce an update to BigFix WebUI, MCM and Insights for Vulnerability Remediation!
The main features in this release are as follows:

WebUI Extensions!
BigFix is now introducing the ability to extend WebUI beyond what is delivered in the products for which you are currently entitled. These extensions will be accessible in the UI through the global navigation and used seamlessly together with the rest of the applications.
At this time, the development of WebUI extensions is limited to HCL in order to accelerate the customization of the interface to your needs outside of the published applications (contact your HCL representative for more information). In the future, we do plan to publish an official SDK to enable customers to create their own WebUI extensions!

Other enhancements:

  • Take Action Dialog: you can now modify or override applicability relevance, success criteria and actionscript directly during the action deployment process
  • Device view: it is now possible to delete endpoints
  • Total number of active WebUI sessions is now logged at standard logging levels
  • Patch and Patch Policies: Added RHEL 9 and Debian 11 support
  • Patch Policies: Added autorefresh settings to sidebar
  • Patch Policies: Data is now signed to prevent tampering and improved security
  • IVR: New upgrade Fixlet to simplify upgrades from older versions of the IVR Service. Please see the IVR Fixlets and Tasks documentation for more details.
  • IVR App: Document page now displays Impact information for Qualys
  • IVR: Added new Fixlet to configure approvelist for IVR Report Download URLs
  • Insights: TypeORM upgrade to 0.3.10
  • Insights: Row Level Security (RLS) Enhancements

MCM /Mobile updates:

  • MCM now supports MacOS Ventura (Version 13)
  • MCM Security updates: PRB0101288 / PRB0109646 (CVE-2022-347616, CVE-2022-31129, CVE-2022-25887, CVE-2021-27782)​
  • Note that there were some important recent changes in the Plug-in Portal which improve device representation in the WebUI for Cloud and MCM endpoints referenced here:

The WebUI release addresses the following Security Vulnerabilities:

  • CVE-2022-38655 (BigFix WebUI)
  • CVE-2022-31129 (moment)
  • CVE-2022-25887 (sanitize-html)
  • CVE-2022-33987 (got)
  • CVE-2021-41184, CVE-2021-41183, CVE-2021-41182, CVE-2022-31160 (jquery-ui)
  • CVE-2021-32013, CVE-2021-32014, CVE-2021-32012 (js-xlsx)
  • CVE-2022-25896 (passport)
  • CVE-2022-39299 (passport-saml)
  • CVE-2022-37616 (xmldom)
  • WS-2022-0322 (d3-color)

This release addresses the following Defect Articles:

  • KB0101193 - Four Eyes Authentication check issue
  • KB0099159 - Custom Retrieved Properties from Actionsite cause Values to be missing from WebUI
  • KB0093158 - Cannot create new dashboards in WebUI
  • KB0100676 - Patch Policies- Don’t issue actions for deleted groups
  • KB0100410 - Labeling of the stagger action option
  • KB0098853 - Patch Policies doesn’t clean up PP_Schedule_ID client settings (resolved for Windows endpoints only)
  • KB0094270 - Insights Deviceinventory report: inconsistency between the Total Devices and the device actually in Console
  • KB0097967 - Insights ETLs fail
  • KB0100642 - Insights: Customer is getting an error when running the Insight import.
  • KB0101004 - IVR vulnerability list issue
  • KB0099583 - IVR: WebUI not listing IVR vulnerabilities
  • KB0099327 - Insights for Vulnerability Remediation v1.4 – Validation
  • KB0100269 - IVR: Unexpected remediation status for superseded patches
  • KB0101901 - IVR: Import failure

How to update
WebUI will update automatically by default, unless configured otherwise.
Please note that updates for BigFix Insights must be done manually via the Application Updates page on WebUI. For more information, please see

Published WebUI Site Versions

WebUI Site Name Version
Application Administration 27
Common 75
Custom 37
MDM 13
Patch 36
Patch Policies 30
Profile Management 20
Query 30
Software Distribution 41
WebUI API 13
WebUI Content App 16
WebUI Data Sync 21
WebUI Extensions 1
WebUI Insights 13
WebUI Framework 22
WebUI Permissions and Preferences 15
WebUI Reports 10
WebUI Take Action 22

Mobile/MCM sites:

BESUEM Mobile 14

WebUI Documentation link:

HCL BigFix - WebUI Team

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.