CVE-2025-52621

MEDIUM

HCL BigFix SaaS < 8.1.14 - Cache Poisoning via Origin Header Reflection

Title source: llm

Description

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330

Scores

CVSS v3 5.3

EPSS 0.0014

EPSS Percentile 4.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-346

Status published

Products (1)

hcltech/bigfix_saas < 8.1.14

Published Aug 15, 2025

Tracked Since Feb 18, 2026