Bigfix Webui Profile Management CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Hcltech Subscriptions

Filtered by product Bigfix Webui Profile Management Subscriptions

Search

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-15633	1 Hcltech	22 Bigfix Webui, Bigfix Webui Api, Bigfix Webui Application Administration and 19 more	2026-05-14	6.5 Medium
An improper authorization vulnerability in HCL BigFix WebUI allows an authenticated user without Master Operator privileges to access internal data (site names, versions, and configuration variables) and bypass privilege requirements via unprotected endpoints lacking adequate security headers.
CVE-2025-15634	1 Hcltech	22 Bigfix Webui, Bigfix Webui Api, Bigfix Webui Application Administration and 19 more	2026-05-14	4.3 Medium
A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page.

Page 1 of 1.