CVE-2025-31972

MEDIUM

6.5

Beschreibung

HCL BigFix SM is affected by a Sensitive Information Exposure vulnerability where internal connections do not use TLS encryption which could allow an attacker unauthorized access to sensitive data transmitted between internal components.

CVE Details

CVSS v3.1 Bewertung6.5

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AngriffsvektorADJACENT_NETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht8/28/2025

Zuletzt geandert10/29/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

hcltech:bigfix_service_management

Schwachen (CWE)

CWE-319

Referenzen

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123631(psirt@hcl.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.