PT-2025-33512 · HCL · HCL BigFix SaaS
Published: 2025-08-15 · Updated: 2025-10-29 · CVE-2025-52621
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
HCL BigFix SaaS (affected versions not specified)
Description:
HCL BigFix SaaS Authentication Service is susceptible to cache poisoning. The HTTP responses from BigFix SaaS include the Origin header, and its presence, combined with an unvalidated reflection of the Origin header value, creates a potential for cache poisoning.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Weakness Enumeration:
Origin Validation Error
Affected Products:
HCL BigFix SaaS