CVE-2025-31982 | THREATINT

Description

HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directly. This could allow an increased risk of information disclosure or misuse of sensitive functionality.

PUBLISHED Reserved 2025-04-01 | Published 2026-05-06 | Updated 2026-05-06 | Assigner HCL

LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L

Problem types

CWE-200: xposure of Sensitive Information to an Unauthorized Actor

Product status

Default status

unaffected

affected

References

support.hcl-software.com/...rticle&sysparm_article=KB0128144

cve.org (CVE-2025-31982)

nvd.nist.gov (CVE-2025-31982)

Download JSON