Security Advisory

CVE-2025-52621

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-15 22:45:55
Last updated 2025-08-18 19:00:48
Assigner HCL
State PUBLISHED

Description

HCL BigFix SaaS Authentication Service is vulnerable to cache poisoning.  The BigFix SaaSs HTTP responses were observed to include the Origin header. Its presence alongside an unvalidated reflection of the Origin header value introduces a potential for cache poisoning.