CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hcltech: >> Bigfix Compliance >> 2.0.9 Security Vulnerabilities

CVE-2023-37525

A sensitive information disclosure in HCL BigFix Compliance allows a remote attacker to access files under the WEB-INF directory, which may contain Java class files and configuration information, leading to unauthorized access to application internals.

CVSS Score

5.3

EPSS Score

0.001

Published

2026-01-28

Page 1

Vulnerabilities

Vulnerable Software

Hcltech: >> Bigfix Compliance >> 2.0.9 Security Vulnerabilities

Products

Pricing

Contact Us