CVE-2025-52621
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-15

Last updated on: 2025-10-29

Assigner: HCL Software

Description
HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning. Β The BigFix SaaS's HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-15
Last Modified
2025-10-29
Generated
2026-05-07
AI Q&A
2025-08-16
EPSS Evaluated
2026-05-05
NVD
CVE-2025-52621
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hcltech bigfix_saas to 8.1.14 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-346 The product does not properly verify that the source of data or communication is valid.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in HCL BigFix SaaS Authentication Service is a cache poisoning issue caused by the HTTP responses including the Origin header. Because the Origin header value is reflected without validation, it allows an attacker to manipulate cached responses, potentially causing users to receive malicious or incorrect data.


How can this vulnerability impact me? :

The vulnerability can lead to cache poisoning, which may cause users to receive manipulated or malicious content from the cache. This can result in exposure to incorrect information or potential security risks, although the impact is limited to confidentiality with no direct impact on integrity or availability.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart