PT-2025-35109 · Hcl · Hcl Bigfix Sm
Published
2025-08-28
·
Updated
2025-08-28
·
CVE-2025-31979
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
HCL BigFix SM (affected versions not specified)
Description
A File Upload Validation Bypass flaw exists in HCL BigFix SM, where the application does not properly enforce file type restrictions during the upload process. This allows an attacker to upload malicious or unauthorized files, such as scripts, executables, or web shells, by bypassing validation mechanisms.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hcl Bigfix Sm