Skip to main content

HCL BigFix RunBookAI EUVDEUVD-2025-209670

| CVE-2025-62345 LOW
Insufficiently Protected Credentials (CWE-522)
2026-05-06 HCL GHSA-8g24-6q74-4vrh
2.7
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
2.7 LOW
AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
May 06, 2026 - 14:00 vuln.today

DescriptionCVE.org

HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors.

AnalysisAI

HCL BigFix RunBookAI 11.2 contains weak input handling in a text input component that may disclose sensitive information to high-privilege users. The vulnerability stems from continued reliance on less-secure input validation mechanisms, creating operational risk through potential misconfiguration. While the CVSS score is low (2.7) due to requirement for high-privilege access and limited confidentiality impact, the information disclosure channel could expose credentials or operational data to authenticated administrators.

Technical ContextAI

The vulnerability resides in an input text component (CWE-522: Weakly Protected Credentials) within HCL BigFix RunBookAI's user interface or API input handling layer. CWE-522 specifically addresses use of plaintext storage or transmission of sensitive credentials, indicating the component fails to properly protect or mask sensitive input data. The affected product is enterprise automation and runbook orchestration software, where input fields commonly handle API keys, credentials, and operational secrets. The network-accessible entry point (AV:N) combined with high-privilege requirement (PR:H) suggests the vulnerability affects administrative interfaces or APIs.

RemediationAI

Contact HCL support and apply the security patch referenced in KB0130444 (https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0130444) to upgrade BigFix RunBookAI beyond version 11.2; exact patched version number not yet independently confirmed in available data. As an interim compensating control, restrict administrative UI and API access to BigFix RunBookAI via network segmentation - implement firewall rules or VPN-only access to the administrative port/endpoint, reducing the AV:N attack surface to AV:L by limiting who can reach the vulnerable input component. Additionally, audit input fields in administrative dashboards and runbooks for plaintext storage of credentials; migrate to vault-integrated credential handling where the application stores references rather than plaintext secrets. Monitor audit logs for high-privilege user access to text input components and review configuration export files for exposed credentials. These controls mitigate information disclosure without waiting for patches, though they introduce operational friction if administrators require remote access.

Share

EUVD-2025-209670 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy