CVE-2025-52621

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:hcltech:bigfix_saas:*:*:*:*:*:*:*:*

History

29 Oct 2025, 20:24

Type	Values Removed	Values Added
CPE		cpe:2.3:a:hcltech:bigfix_saas::::::::
First Time		Hcltech Hcltech bigfix Saas
References	~~() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 -~~	() https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330 - Vendor Advisory

18 Aug 2025, 20:16

Type	Values Removed	Values Added
Summary		(es) HCL BigFix SaaS Authentication Service es vulnerable al envenenamiento de caché. Se observó que las respuestas HTTP de BigFix SaaS incluían el encabezado Origin. Su presencia, junto con una reflexión no validada del valor del encabezado Origin, presenta un riesgo de envenenamiento de caché.

15 Aug 2025, 23:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-15 23:15

Updated : 2025-10-29 20:24

NVD link : CVE-2025-52621

Mitre link : CVE-2025-52621

CVE.ORG link : CVE-2025-52621

JSON object : View

Products Affected

hcltech

bigfix_saas

CWE

CWE-346

Origin Validation Error

{"id": "CVE-2025-52621", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@hcl.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2025-08-15T23:15:26.670", "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330", "tags": ["Vendor Advisory"], "source": "psirt@hcl.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@hcl.com", "description": [{"lang": "en", "value": "CWE-346"}]}], "descriptions": [{"lang": "en", "value": "HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. \u00a0The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning."}, {"lang": "es", "value": "HCL BigFix SaaS Authentication Service es vulnerable al envenenamiento de cach\u00e9. Se observ\u00f3 que las respuestas HTTP de BigFix SaaS inclu\u00edan el encabezado Origin. Su presencia, junto con una reflexi\u00f3n no validada del valor del encabezado Origin, presenta un riesgo de envenenamiento de cach\u00e9."}], "lastModified": "2025-10-29T20:24:07.927", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:hcltech:bigfix_saas:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "477B4934-85F5-4638-A56E-A134FB199202", "versionEndExcluding": "8.1.14"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@hcl.com"}