CVE-2025-31984

Name of the Vulnerable Software and Affected Versions HCL BigFix Service Management (SM) (affected versions not specified)

Description A security misconfiguration exists due to a missing or insecure "X-Content-Type-Options" header. This allows browsers to perform MIME-type sniffing, which is a technique where the browser attempts to determine the content type of a response by inspecting its body rather than relying on the declared content type, potentially causing malicious content to be interpreted and executed incorrectly.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.