CVE-2025-52602

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names or IDs. An attacker can use that information to target individuals with phishing or...

CVE-2025-52602

CVE-2025-52602 affects HCL BigFix Query WebUI Query, where an HTTP GET endpoint may disclose discoverable data such as group names and active user names/IDs via the /api/v1/query endpoint. This exposure could enable targeted phishing or social engineering. The available connected documents confir...

CVE-2025-52602 HCL BigFix Query is affected by a sensitive information disclosure vulnerability in the WebUI Query application

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names or IDs. An attacker can use that information to target individuals with phishing or...

HCL BigFix Query 安全漏洞

HCL BigFix Query is a module for querying and collecting system status data in real-time from HCL India. A security vulnerability exists in HCL BigFix Query that stems from an HTTP GET endpoint request in the WebUI Query application returning a discoverable response that could disclose the group...

PT-2025-45111

Name of the Vulnerable Software and Affected Versions HCL BigFix Query affected versions not specified Description HCL BigFix Query’s WebUI Query application is susceptible to sensitive information disclosure. An HTTP GET request to an endpoint can reveal discoverable responses, potentially...