Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2025-59849
PUBLISHED
More InfoOfficial Page
Assigner-HCL
Assigner Org ID-1e47fe04-f25f-42fa-b674-36de2c5e3cfc
View Known Exploited Vulnerability (KEV) details
Published At-17 Dec, 2025 | 20:28
Updated At-17 Dec, 2025 | 20:45
Rejected At-
▼CVE Numbering Authority (CNA)
HCL BigFix Remote Control is vulnerable to an insecure CSP configuration

Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow the execution of malicious code in web pages.

Affected Products
Vendor
HCL Technologies Ltd.HCL Software
Product
BigFix Remote Control
Default Status
unaffected
Versions
Affected
  • <= 10.1.0.0326
Problem Types
TypeCWE IDDescription
CWECWE-1021CWE-1021 Improper Restriction of Rendered UI Layers or Frames
CWECWE-693CWE-693 Protection Mechanism Failure
Type: CWE
CWE ID: CWE-1021
Description: CWE-1021 Improper Restriction of Rendered UI Layers or Frames
Type: CWE
CWE ID: CWE-693
Description: CWE-693 Protection Mechanism Failure
Metrics
VersionBase scoreBase severityVector
3.14.7MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Version: 3.1
Base score: 4.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127332
N/A
Hyperlink: https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127332
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Details not found