CVE-2025-62345: CWE-522: Insufficiently Protected Credentials in HCL BigFix RunBookAI
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors.
AI Analysis
Technical Summary
HCL BigFix RunBookAI version 11.2 contains a vulnerability classified as CWE-522 (Insufficiently Protected Credentials) due to a less-secure input text handling implementation. This flaw increases the risk of misconfiguration and operational errors by allowing sensitive credential information to be insufficiently protected during input processing. The CVSS 3.1 base score is 2.7, reflecting low impact with confidentiality loss only and no impact on integrity or availability. Exploitation requires network access and high privileges, with no user interaction needed. No vendor remediation or patch information is currently available.
Potential Impact
The vulnerability may lead to limited confidentiality loss of credential information within the affected component. There is no impact on system integrity or availability. Exploitation requires high privileges, reducing the likelihood of remote or unauthorized exploitation. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should review and restrict access controls to limit exposure of sensitive inputs and credentials within BigFix RunBookAI. Monitor for any vendor updates regarding patches or configuration recommendations.
CVE-2025-62345: CWE-522: Insufficiently Protected Credentials in HCL BigFix RunBookAI
Description
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the risk of misconfiguration and operational errors.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
HCL BigFix RunBookAI version 11.2 contains a vulnerability classified as CWE-522 (Insufficiently Protected Credentials) due to a less-secure input text handling implementation. This flaw increases the risk of misconfiguration and operational errors by allowing sensitive credential information to be insufficiently protected during input processing. The CVSS 3.1 base score is 2.7, reflecting low impact with confidentiality loss only and no impact on integrity or availability. Exploitation requires network access and high privileges, with no user interaction needed. No vendor remediation or patch information is currently available.
Potential Impact
The vulnerability may lead to limited confidentiality loss of credential information within the affected component. There is no impact on system integrity or availability. Exploitation requires high privileges, reducing the likelihood of remote or unauthorized exploitation. No known active exploitation has been reported.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should review and restrict access controls to limit exposure of sensitive inputs and credentials within BigFix RunBookAI. Monitor for any vendor updates regarding patches or configuration recommendations.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- HCL
- Date Reserved
- 2025-10-10T09:04:27.771Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69fb2ed6cbff5d8610dc7fea
Added to database: 5/6/2026, 12:06:46 PM
Last enriched: 5/6/2026, 12:21:35 PM
Last updated: 5/7/2026, 8:18:19 AM
Views: 11
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.