CVE-2025-31965 | THREATINT

Description

Improper access restrictions in HCL BigFix Remote Control Server WebUI (versions 10.1.0.0248 and lower) allow non-admin users to view unauthorized information on certain web pages.

PUBLISHED Reserved 2025-04-01 | Published 2025-07-29 | Updated 2025-07-29 | Assigner HCL

HIGH: 8.2CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:L

Problem types

CWE-305 Authentication Bypass by Primary Weakness

Product status

Default status

unaffected

<=10.1.0.0248

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0122906 (VDB-299060 | PyTorch Quantized Sigmoid Module nnq_Sigmoid initialization)

cve.org (CVE-2025-31965)

nvd.nist.gov (CVE-2025-31965)

Download JSON