CVE-2025-31977

MEDIUM

5.3

Description

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.

Details CVE

Score CVSS v3.15.3

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteHIGH

Privileges requisLOW

Interaction utilisateurNONE

Publie8/28/2025

Derniere modification10/29/2025

Sourcenvd

Observations honeypot0

Produits affectes

hcltech:bigfix_service_management

Faiblesses (CWE)

CWE-311

References

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123631(psirt@hcl.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.