PT-2026-37638 · Hcl · Bigfix Service Management

Published

2026-05-06

Updated

2026-05-06

CVE-2025-52613

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions HCL BigFix Service Management (SM) (affected versions not specified)

Description HCL BigFix Service Management (SM) uses a vulnerable WSGI (Web Server Gateway Interface) server. A WSGI server is a standard interface between a web server and a Python-based web application. The use of an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of unauthorized access and exploitation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2025-52613

Affected Products

Bigfix Service Management

PT-2026-37638 · Hcl · Bigfix Service Management

CVE-2025-52613

Weakness Enumeration

Related Identifiers

Affected Products

References · 5