1. Home
  2. CVE Database
  3. CVE-2025-55254
LOW · 3.7

CVE-2025-55254

Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow to execute malicious code in certain web pages.

Vulnerability Description

Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow to execute malicious code in certain web pages.

CVSS Score

3.7

LOW

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
HcltechswHcl Devops Deploy>= 8.0.0.0, < 8.0.1.11
HcltechswHcl Launch>= 7.3.0.0, < 7.3.2.16

Related Weaknesses (CWE)

CWE-601CWE-613

References

FAQ

What is CVE-2025-55254?

CVE-2025-55254 is a vulnerability with a CVSS score of 3.7 (LOW). Improper management of Path-relative stylesheet import in HCL BigFix Remote Control Lite Web Portal (versions 10.1.0.0326 and lower) may allow to execute malicious code in certain web pages.

How severe is CVE-2025-55254?

CVE-2025-55254 has been rated LOW with a CVSS base score of 3.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-55254?

Check the references section above for vendor advisories and patch information. Affected products include: Hcltechsw Hcl Devops Deploy, Hcltechsw Hcl Launch.