Hcltech Bigfix_saas
4 CVEs affecting Hcltech Bigfix_saas. Latest disclosed: 2025-08-15. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-52621 | Medium | 5.3 | 2025-08-15 | HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its pre… |
CVE-2025-52619 | Medium | 5.3 | 2025-08-15 | HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version… |
CVE-2025-52620 | Medium | 4.3 | 2025-08-15 | HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the su… |
CVE-2025-52618 | Medium | 4.3 | 2025-08-15 | HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries. |