Unrated severityNVD Advisory· Published Dec 17, 2025· Updated Dec 17, 2025

HCL BigFix Remote Control is vulnerable to an insecure CSP configuration

CVE-2025-59849

Description

Improper management of Content Security Policy in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow the execution of malicious code in web pages.

Affected products

Hcl Software/Bigfix Remote Controlv5
Range: <= 10.1.0.0326

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.hcl-software.com/csmmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000