CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0276

HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v3 Score 6.5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124513

Products affected by CVE-2025-0276

Hcltech » Bigfix Mobile » Version: 1.0

cpe:2.3:a:hcltech:bigfix_mobile:1.0
Hcltech » Bigfix Mobile » Version: 2.0

cpe:2.3:a:hcltech:bigfix_mobile:2.0
Hcltech » Bigfix Mobile » Version: 2.1

cpe:2.3:a:hcltech:bigfix_mobile:2.1
Hcltech » Bigfix Mobile » Version: 3.0

cpe:2.3:a:hcltech:bigfix_mobile:3.0
Hcltech » Bigfix Mobile » Version: 3.1

cpe:2.3:a:hcltech:bigfix_mobile:3.1
Hcltech » Bigfix Modern Client Management » Version: 2.0

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.0
Hcltech » Bigfix Modern Client Management » Version: 2.1

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.1
Hcltech » Bigfix Modern Client Management » Version: 3.2

cpe:2.3:a:hcltech:bigfix_modern_client_management:3.2
Hcltech » Bigfix Modern Client Management » Version: 3.3

cpe:2.3:a:hcltech:bigfix_modern_client_management:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0276

Products

Pricing

Contact Us