Medium severity5.3NVD Advisory· Published Apr 21, 2026· Updated Apr 22, 2026
CVE-2025-31981
CVE-2025-31981
Description
HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access. An attacker with access to the network traffic can sniff packets from the connection and uncover the data.
Affected products
2cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
1- support.hcl-software.com/csmnvdVendor Advisory
News mentions
0No linked articles in our index yet.