HCL BigFix WebUI Host Header Poisoning Vulnerability

Vulnerability

A host header poisoning vulnerability has been identified in the HCL BigFix WebUI application. The WebUI takes host information from the client-supplied HTTP Host header and reflects it into its responses without validating it, so an attacker who can send a request with a forged Host header can influence the host name the application exposes. The vulnerability affects all versions of the BigFix WebUI application.

Impact

Exploitation of this vulnerability could lead to host header poisoning: an attacker who controls the Host header of a request can manipulate how the application interprets the request's host, and with it any host name the application derives from that value. This could be used to redirect users to an attacker-controlled host, interfere with application logic, or bypass security controls that rely on the host value. Attacks of this class are indirect: the forged Host value has to end up in a response that a victim or an intermediary such as a cache then acts on.
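The following is an added example, not code from HCL or from the BigFix WebUI, showing both sides of the issue described above: a probe that sends a forged Host header and a check that reports where the forged value was trusted in the response, and the server-side allowlist pattern that a fix for this class of bug normally applies. The host name bigfix.example, the canary poisoned.invalid and the sample responses are constructed for illustration.

```python
"""Host header poisoning: a response check and a server-side Host allowlist.

Added example, not HCL's or BigFix WebUI's code. The host name
"bigfix.example" and the sample responses are constructed for illustration.
"""
import re
from urllib.parse import urlsplit

# RFC 2606 reserves ".invalid", so the canary can never resolve to a real host.
CANARY = "poisoned.invalid"


def build_probe_request(path: str, canary: str = CANARY) -> bytes:
    """Raw HTTP/1.1 request whose only unusual feature is a forged Host header.
    Send it to the WebUI (for example through openssl s_client) and feed the
    parsed response to find_host_reflection()."""
    return (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {canary}\r\n"
        "Connection: close\r\n"
        "\r\n"
    ).encode("ascii")


def find_host_reflection(canary: str, headers: dict[str, str], body: str) -> list[str]:
    """List every place in a response where the forged Host value was trusted.
    Response headers (Location, Link, Set-Cookie domain, ...) are checked by
    substring; the body is checked for absolute URLs whose authority is the
    canary, since relative links never carry the Host value."""
    canary = canary.lower()
    findings: list[str] = []
    for name, value in headers.items():
        if canary in value.lower():
            findings.append(f"header:{name}")
    for m in re.finditer(r"https?://([^/\s\"'<>]+)", body, re.IGNORECASE):
        authority = m.group(1).lower()
        # strip any userinfo and port before comparing the host part
        if authority.split("@")[-1].split(":")[0] == canary:
            findings.append(f"body:{m.group(0)}")
    return findings


def host_is_trusted(host_header: str, allowed_hosts: set[str]) -> bool:
    """Server-side fix pattern: accept a request only if its Host header names
    one of the hosts the application is deployed under. The port is ignored but
    must be numeric; userinfo, paths and empty values are rejected."""
    if not host_header or len(host_header) > 255:
        return False
    try:
        parts = urlsplit("http://" + host_header)
        _ = parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        return False
    if parts.username is not None or parts.password is not None:
        return False
    if parts.path or parts.query or parts.fragment or parts.hostname is None:
        return False
    # urlsplit lower-cases .hostname, so the comparison is case-insensitive
    return parts.hostname in {h.lower() for h in allowed_hosts}


# Constructed response from a vulnerable deployment: the forged Host was used
# to build the redirect target and an absolute link in the page body.
VULNERABLE_HEADERS = {
    "Location": f"https://{CANARY}/webui/login",
    "Content-Type": "text/html",
}
VULNERABLE_BODY = f'<a href="https://{CANARY}/webui/reset?token=CONSTRUCTED">Reset</a>'

# Constructed response from a fixed deployment: the redirect uses the configured
# host name and the page uses a relative link, so nothing depends on Host.
SAFE_HEADERS = {"Location": "https://bigfix.example/webui/login"}
SAFE_BODY = '<a href="/webui/reset?token=CONSTRUCTED">Reset</a>'


if __name__ == "__main__":
    print(build_probe_request("/webui/").decode())
    print("vulnerable:", find_host_reflection(CANARY, VULNERABLE_HEADERS, VULNERABLE_BODY))
    print("fixed:     ", find_host_reflection(CANARY, SAFE_HEADERS, SAFE_BODY))
    for h in ("bigfix.example", "BigFix.Example:8443", CANARY, f"bigfix.example@{CANARY}"):
        print(f"{h!r:45} trusted={host_is_trusted(h, {'bigfix.example'})}")
```

An empty result from find_host_reflection on a real deployment is not proof of a fix: it only shows that the probed path did not reflect the Host value. Password-reset and similar flows that generate absolute links are the places to probe first, since they are where a reflected host does the most damage.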

Remediation

Users are advised to upgrade to the latest version of HCL BigFix WebUI. The fixed versions are listed in the HCL BigFix WebUI Security Bulletin KB0124562. As a general interim mitigation for host header issues (not a recommendation taken from the bulletin), the WebUI can be fronted by a reverse proxy that rejects or rewrites requests whose Host header does not match the expected host name.

Added: Oct 10, 2025, 11:22 PM
Updated: Oct 10, 2025, 11:22 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 1.3
exploitability: 7.0
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.