← back
CVE-2025-52621

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning

CVSS 5.3 MEDIUMEPSS 0.1%CWE-346
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
15 Aug 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning.  The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
HCL Software · BigFix SaaS Remediate

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330