BigFix Modern Client Management (MCM)
by HCL Software
CVEs (2)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-0276 | 0.00 | — | 0.00 | Oct 16, 2025 | HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content. | |||
| CVE-2025-0274 | 0.00 | — | 0.00 | Oct 16, 2025 | HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions. |
- CVE-2025-0276Oct 16, 2025risk 0.00cvss —epss 0.00
HCL BigFix Modern Client Management (MCM) 3.3 and earlier are vulnerable to certain insecure directives within the Content Security Policy (CSP). An attacker could trick users into performing actions by not properly restricting the sources of scripts and other content.
- CVE-2025-0274Oct 16, 2025risk 0.00cvss —epss 0.00
HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control. Unauthorized users can access a small subset of endpoint actions, potentially allowing access to select internal functions.