CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0277

HCL BigFix Mobile 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 17.8%

CVSS Severity

CVSS v3 Score 6.5

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124513

Products affected by CVE-2025-0277

Hcltech » Bigfix Mobile » Version: 1.0

cpe:2.3:a:hcltech:bigfix_mobile:1.0
Hcltech » Bigfix Mobile » Version: 2.0

cpe:2.3:a:hcltech:bigfix_mobile:2.0
Hcltech » Bigfix Mobile » Version: 2.1

cpe:2.3:a:hcltech:bigfix_mobile:2.1
Hcltech » Bigfix Mobile » Version: 3.0

cpe:2.3:a:hcltech:bigfix_mobile:3.0
Hcltech » Bigfix Mobile » Version: 3.1

cpe:2.3:a:hcltech:bigfix_mobile:3.1
Hcltech » Bigfix Modern Client Management » Version: 2.0

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.0
Hcltech » Bigfix Modern Client Management » Version: 2.1

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.1
Hcltech » Bigfix Modern Client Management » Version: 3.2

cpe:2.3:a:hcltech:bigfix_modern_client_management:3.2
Hcltech » Bigfix Modern Client Management » Version: 3.3

cpe:2.3:a:hcltech:bigfix_modern_client_management:3.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0277

Products

Pricing

Contact Us