HCL BigFix Service Management (SM) is affected by use of...

4.6 / 10

MEDIUM

CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Description

HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.

Basic Information

ID CVE-2025-52613

Source HCL

Published May 6, 2026 at 13:50

Affected Product

Vendor HCL

Product BigFix Service Management (SM)

Version 23

Affected Versions HCL BigFix Service Management (SM) 23

CWE Classification

CWE-200

References

support.hcl-software.com /csm

{
    "lastseen": "",
    "description": "HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.",
    "published": "2026-05-06T13:50:47.494Z",
    "modified": "2026-05-06T13:50:47.494Z",
    "type": "cve",
    "title": "HCL BigFix Service Management (SM) is affected by use of a vulnerable component",
    "source": "HCL",
    "references": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144",
    "id": "CVE-2025-52613",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "HCL BigFix Service Management (SM) 23",
    "sourceHref": "",
    "cvss": {
        "score": 4.6,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "BigFix Service Management (SM)",
    "version": "23",
    "vendor": "HCL",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

HCL BigFix Service Management (SM) is affected by use of a vulnerable component_CVE-2025-52613