CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-15634

A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.2%

CVSS Severity

CVSS v3 Score 4.3

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130587

Products affected by CVE-2025-15634

Hcltech » Bigfix Webui Api » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_api:*
Hcltech » Bigfix Webui Application Administration » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_application_administration:*
Hcltech » Bigfix Webui Cmep » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_cmep:*
Hcltech » Bigfix Webui Common » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_common:*
Hcltech » Bigfix Webui Content App » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_content_app:*
Hcltech » Bigfix Webui Custom » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_custom:*
Hcltech » Bigfix Webui Data Sync » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_data_sync:*
Hcltech » Bigfix Webui Extensions » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_extensions:*
Hcltech » Bigfix Webui Framework » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_framework:*
Hcltech » Bigfix Webui Insights » Version: 14

cpe:2.3:a:hcltech:bigfix_webui_insights:14
Hcltech » Bigfix Webui Ivr » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_ivr:*
Hcltech » Bigfix Webui Mdm » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_mdm:*
Hcltech » Bigfix Webui Patch » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_patch:*
Hcltech » Bigfix Webui Patch Policies » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_patch_policies:*
Hcltech » Bigfix Webui Permissions And Preferences » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_permissions_and_preferences:*
Hcltech » Bigfix Webui Profile Management » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_profile_management:*
Hcltech » Bigfix Webui Query » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_query:*
Hcltech » Bigfix Webui Reports » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_reports:*
Hcltech » Bigfix Webui Scm » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_scm:*
Hcltech » Bigfix Webui Software Distribution » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_software_distribution:*
Hcltech » Bigfix Webui Take Action » Version: Any

cpe:2.3:a:hcltech:bigfix_webui_take_action:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-15634

Products

Pricing

Contact Us