CVE-2025-52621

MEDIUM

HCL BigFix SaaS < 8.1.14 - Origin Validation Error

Description

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. BigFix SaaS HTTP responses were observed to include the Origin header. Its presence, alongside an unvalidated reflection of the Origin header value, introduces a potential for cache poisoning.

Scores

CVSS v3 5.3
EPSS 0.0002
EPSS Percentile 4.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Classification

CWE
CWE-346
Status published

Affected Products (1)

hcltech/bigfix_saas < 8.1.14

Timeline

Published Aug 15, 2025
Tracked Since Feb 18, 2026