CVE-2025-52602

HCL BigFix Query is affected by a sensitive information disclosure vulnerability in the WebUI Query application

Description

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names (or IDs). An attacker can use that information to target individuals with phishing or other social-engineering attacks.

INFO

Published Date :

2025-11-05T14:46:46.537Z

Last Modified :

2025-11-05T18:58:08.387Z

Source :

HCL

AFFECTED PRODUCTS

The following products are affected by CVE-2025-52602 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-52602.

URL	Resource
https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0124950

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact