CVE-2025-59849

medium

Description

Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow the execution of malicious code in web pages.

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127332

Details

Source: Mitre, NVD

Published: 2025-12-17

Updated: 2026-01-06

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N