CVE-2025-52613
Received Received - Intake
WSGI Server Vulnerability in HCL BigFix Service Management

Publication date: 2026-05-06

Last updated on: 2026-05-06

Assigner: HCL Software

Description
HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-06
Last Modified
2026-05-06
Generated
2026-05-07
AI Q&A
2026-05-06
EPSS Evaluated
N/A
NVD
CVE-2025-52613
EUVD
EUVD-2025-209702
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hcl bigfix_service_management *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

HCL BigFix Service Management (SM) uses a WSGI server that is vulnerable because it is outdated or insecure. This means the application may have known security weaknesses that attackers could exploit.

Deploying such a vulnerable WSGI server increases the risk of unauthorized access and exploitation of the application.


How can this vulnerability impact me? :

The vulnerability can lead to unauthorized access to the HCL BigFix Service Management application.

It may allow attackers to exploit known security weaknesses, potentially compromising confidentiality, integrity, and availability of the system.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart