Improper Management of Stylesheet Import in HCL BigFix Remote Control Lite Web Portal
CVE-2025-55254

3.7LOW

Key Information:

Vendor: HCL Software Software
Status: Bigfix Remote Control
Vendor: CVE Published:; 17 December 2025

🔔 Create HCL Software Software Vulnerability Alert

What is CVE-2025-55254?

The HCL BigFix Remote Control Lite Web Portal is vulnerable due to improper management of Path-relative stylesheet imports. This flaw could potentially allow attackers to execute malicious code on affected web pages, posing significant security risks to users. Versions 10.1.0.0326 and earlier are particularly susceptible, highlighting the need for immediate updates and patches to mitigate these vulnerabilities.

Affected Version(s)

BigFix Remote Control <= 10.1.0.0326

References

https://support.hcl-software.com/csm?id=kb_article&syspar...

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 17, 2025
Vulnerability Reserved
Aug 12, 2025

CVE-2025-55254 Data

JSON