CVE-2025-31981

CVSS v3.1

5.3

Medium

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2025-31981

Affected Products

Bigfix Service Management

CVE-2025-31981

Weakness Enumeration

Related Identifiers

Affected Products

References · 4