CVE-2025-52621

low-risk
Published 2025-08-15

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning.  The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.

Do I need to act?

-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Bigfix Saas

Affected Vendors

Hcltech

References (1)

Vendor Advisory https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123330
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal