401 matches found
CVE-2025-52621
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52618
HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries...
CVE-2025-52620
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting XSS vulnerability. The image upload functionality inadequately validated the submitted image format...
CVE-2025-52620
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting XSS vulnerability. The image upload functionality inadequately validated the submitted image format...
CVE-2025-52618
HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries...
CVE-2025-52618
CVE-2025-52618 corresponds to a SQL injection vulnerability in HCL BigFix SaaS Authentication Service. Affected component is the authentication service’s SQL handling, leading to potential manipulation of queries with high impact on confidentiality, integrity, and availability per the NVD metrics...
CVE-2025-52618 HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability
HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries...
CVE-2025-52619
HCL BigFix SaaS Authentication Service is affected by CVE-2025-52619, which discloses sensitive platform version information via error messages. Affected component: HCL BigFix SaaS Authentication Service. Root cause: error messages reveal underlying platform version details under certain conditio...
CVE-2025-52619 HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure
HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform...
CVE-2025-52620
CVE-2025-52620 affects HCL BigFix SaaS Authentication Service. The vulnerability is a Cross-Site Scripting (XSS) flaw arising from inadequate validation of submitted image formats in the image upload feature. Affected component is the image upload handling; root cause is insufficient validation l...
CVE-2025-52620 HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting XSS vulnerability. The image upload functionality inadequately validated the submitted image format...
CVE-2025-52620 HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability
HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting XSS vulnerability. The image upload functionality inadequately validated the submitted image format...
CVE-2025-52621
CVE-2025-52621 affects HCL BigFix SaaS Authentication Service. The issue is a cache-poisoning risk caused by the presence of an Origin header in HTTP responses coupled with an unvalidated reflection of that Origin value. Documents confirm the vulnerability but do not provide attack vectors, explo...
CVE-2025-52621 HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning...
CVE-2025-52621 HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning...
HCL BigFix SaaS Authentication Service 安全漏洞
HCL BigFix SaaS Authentication Service is an endpoint management platform from HCL India. A security vulnerability exists in HCL BigFix SaaS Authentication Service that stems from an unvalidated Origin header value, which could lead to cache poisoning...
HCL BigFix SaaS Authentication Service 安全漏洞
HCL BigFix SaaS Authentication Service is an endpoint management platform from HCL India. A security vulnerability exists in HCL BigFix SaaS Authentication Service that originates from an error message disclosing sensitive version information, which could lead to information leakage...
HCL BigFix SaaS Authentication Service 安全漏洞
HCL BigFix SaaS Authentication Service is an endpoint management platform from HCL India. A security vulnerability exists in HCL BigFix SaaS Authentication Service that stems from the image upload feature not adequately validating the image format, which could lead to cross-site scripting attacks...
HCL BigFix SaaS Authentication Service 安全漏洞
HCL BigFix SaaS Authentication Service is an endpoint management platform from HCL India. HCL BigFix SaaS Authentication Service suffers from a security vulnerability that stems from SQL queries that can be manipulated, potentially leading to SQL injection attacks...