CVEFinder.io

CVE-2025-31973

🔶 medium
🔍 Scan for this CVE
Summary

HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment.

CVSS Score
4.0
Medium
EPSS Score
0.0
Exploit Probability
Published Date
2026-05-20
First Seen: 2026-05-21
📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 5.1% of all 330,193 vulnerabilities in our database.

#313,312
Below average severity
Severity Percentile
🎯 CISA SSVC Assessment Updated: May 20, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
NO
Requires human interaction
💥 Technical Impact
Partial
Limited system impact
SSVC data provided by CISA
Last Modified 2026-05-20
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L

📦 Affected Products 1

Vendor Product Status Affected Versions
hcltech bigfix_service_management Affected
v23.0

🔗 References 1

https://support.hcl-software.com/csm?id=kb_article&s...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2025-31985 ℹ️ low 3.7 0.0 HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-... 2026-05-20
CVE-2025-31957 ℹ️ low 2.6 0.0 HHCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. This could lead... 2026-05-06
CVE-2025-31959 ℹ️ low 3.5 0.0 HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. This could lead to co... 2026-05-06
CVE-2025-31975 ℹ️ low 2.6 0.0 HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. Expo... 2026-05-06
CVE-2025-31976 🔶 medium 4.8 0.0 HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while comm... 2026-05-06
CVE-2025-31978 🔶 medium 4.6 0.0 HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) befo... 2026-05-06
These CVEs affect the same products