CVE-2025-52621

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

H

CL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:bigfix_saas:*:*:*:*:*:*:*:*

History

29 Oct 2025, 20:24

Type	Values Removed	Values Added
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 - Vendor Advisory
First Time		Hcltech Hcltech bigfix Saas
CPE		cpe:2.3:a:hcltech:bigfix_saas::::::::

18 Aug 2025, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-15 23:15

Updated : 2025-10-29 20:24

NVD link : CVE-2025-52621

Mitre link : CVE-2025-52621

CVE.ORG link : CVE-2025-52621

JSON object : View

Products Affected

bigfix_saas

CWE

CWE-346

Origin Validation Error

{"id": "CVE-2025-52621", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-08-15T23:15:26.670", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-346"}]}], "descriptions": [{"lang": "en", "value": "HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. \u00a0The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning."}, {"lang": "es", "value": "HCL BigFix SaaS Authentication Service es vulnerable al envenenamiento de cach\u00e9. Se observ\u00f3 que las respuestas HTTP de BigFix SaaS inclu\u00edan el encabezado Origin. Su presencia, junto con una reflexi\u00f3n no validada del valor del encabezado Origin, presenta un riesgo de envenenamiento de cach\u00e9."}], "lastModified": "2025-10-29T20:24:07.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:bigfix_saas:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "477B4934-85F5-4638-A56E-A134FB199202", "versionEndExcluding": "8.1.14"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}