Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Dec 17, 2025
HCL BigFix Remote Control is vulnerable to an insecure CSP configuration
CVE-2025-59849
Description
Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow the execution of malicious code in web pages.
Affected products
2<=10.1.0.0326+ 1 more
- (no CPE)range: <=10.1.0.0326
- (no CPE)range: <= 10.1.0.0326
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.