Lucene search
+L
HcltechBigfix Saas

4 matches found

CVE
CVE
added 2025/08/15 10:48 p.m.21 views

CVE-2025-52619

HCL BigFix SaaS Authentication Service is affected by CVE-2025-52619, which discloses sensitive platform version information via error messages. Affected component: HCL BigFix SaaS Authentication Service. Root cause: error messages reveal underlying platform version details under certain conditio...

5.3CVSS6.5AI score0.00274EPSS
CVE
CVE
added 2025/08/15 10:45 p.m.21 views

CVE-2025-52621

CVE-2025-52621 affects HCL BigFix SaaS Authentication Service. The issue is a cache-poisoning risk caused by the presence of an Origin header in HTTP responses coupled with an unvalidated reflection of that Origin value. Documents confirm the vulnerability but do not provide attack vectors, explo...

7.5CVSS7.2AI score0.00154EPSS
CVE
CVE
added 2025/08/15 10:47 p.m.19 views

CVE-2025-52620

CVE-2025-52620 affects HCL BigFix SaaS Authentication Service. The vulnerability is a Cross-Site Scripting (XSS) flaw arising from inadequate validation of submitted image formats in the image upload feature. Affected component is the image upload handling; root cause is insufficient validation l...

5.4CVSS6.2AI score0.0019EPSS
CVE
CVE
added 2025/08/15 10:49 p.m.17 views

CVE-2025-52618

CVE-2025-52618 corresponds to a SQL injection vulnerability in HCL BigFix SaaS Authentication Service. Affected component is the authentication service’s SQL handling, leading to potential manipulation of queries with high impact on confidentiality, integrity, and availability per the NVD metrics...

9.8CVSS8.1AI score0.00322EPSS