Filtered by vendor Hcltech
Subscriptions
Filtered by product Bigfix Saas
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-52618 | 1 Hcltech | 1 Bigfix Saas | 2025-08-16 | 4.3 Medium |
| HCL BigFix SaaS Authentication Service is affected by a SQL injection vulnerability. The vulnerability allows potential attackers to manipulate SQL queries. | ||||
| CVE-2025-52621 | 1 Hcltech | 1 Bigfix Saas | 2025-08-16 | 5.3 Medium |
| HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning. | ||||
| CVE-2025-52619 | 1 Hcltech | 1 Bigfix Saas | 2025-08-16 | 5.3 Medium |
| HCL BigFix SaaS Authentication Service is affected by a sensitive information disclosure. Under certain conditions, error messages disclose sensitive version information about the underlying platform. | ||||
| CVE-2025-52620 | 1 Hcltech | 1 Bigfix Saas | 2025-08-16 | 4.3 Medium |
| HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting (XSS) vulnerability. The image upload functionality inadequately validated the submitted image format. | ||||
Page 1 of 1.