
HCL BigFix Service Management
EUVD-2025-209690 | CVE-2025-31975 | LOW
Information Exposure (CWE-200)
2026-05-06 · HCL · GHSA-mp4f-c4m3-gxr6
CVSS 3.1 score 2.6 (NVD)

Severity by source

NVD (primary): 2.6 LOW
AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Attack Vector: Adjacent
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: None
Availability: None

Lifecycle Timeline

1. Analysis generated: May 06, 2026 - 15:01 (vuln.today)

Description (CVE.org)

HCL BigFix Service Management (SM) is affected by an Information Disclosure - Server Banner issue. Exposed server banners may reveal software versions and system details, potentially aiding attackers in targeting known vulnerabilities.

Analysis (AI)

HCL BigFix Service Management exposes server banner information (software versions and system details) to attackers on the adjacent network once a user interaction takes place, enabling reconnaissance for targeted attacks against known vulnerabilities. The vulnerability requires adjacent network access and user interaction, and its impact is limited to confidentiality, with no integrity or availability consequences. The CVSS score of 2.6 indicates low severity, though information disclosure of this kind can facilitate secondary attacks.

Technical Context (AI)

Server banner disclosure is a classic information gathering weakness (CWE-200: Exposure of Sensitive Information to an Unauthorized Actor) where HTTP headers or service banners reveal software versions, architecture, or framework details. In HCL BigFix Service Management, the application server exposes identifying information through response headers or welcome messages, allowing attackers on the adjacent network segment to enumerate the exact software version without authentication. This reconnaissance data can then be correlated with known CVE databases to identify additional exploitable vulnerabilities in the specific version. The vulnerability appears to be a configuration or default behavior issue rather than a code flaw.

Remediation (AI)

Check HCL support article KB0128144 at https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0128144 for the vendor-issued patch or mitigation guidance. If a patched version is available, upgrade BigFix SM to that release immediately. As compensating controls pending patching, implement network-level protections:

(1) restrict HTTP(S) access to BigFix SM services to authorized subnets only using firewall rules, preventing adjacent-network reconnaissance;
(2) disable or customize HTTP headers to remove version strings: configure the application server (typically Tomcat or similar) to suppress the Server header in responses;
(3) place BigFix SM behind a reverse proxy (nginx, Apache) configured to strip identifying headers before forwarding responses to clients.

Document any header suppression configuration changes to maintain supportability. These controls reduce information leakage but do not address the root cause and must be paired with patch deployment.
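Added here as a defender-side check, not code from vuln.today or HCL: a small Python audit that parses an HTTP response header block and flags banner headers that disclose a product name or version, so the header suppression or reverse-proxy configuration from the steps above can be verified after the change. The sample responses, header values and the Tomcat version string in them are constructed, not captured from any BigFix SM deployment.

```python
import re
from typing import Dict, List

# Response headers that commonly carry product or version banners.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "x-generator")

# Matches a version-like token such as 1.1 or 9.0.0.
VERSION_RE = re.compile(r"\b\d+(?:\.\d+)+\b")


def parse_raw_headers(raw: str) -> Dict[str, str]:
    """Parse the header block of an HTTP response, skipping the status line."""
    headers: Dict[str, str] = {}
    for line in raw.splitlines():
        if not line.strip() or line.startswith("HTTP/"):
            continue
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def audit_banner_headers(headers: Dict[str, str]) -> List[str]:
    """Return one finding per banner header; version disclosure is called out."""
    findings: List[str] = []
    for name, value in headers.items():
        if name.lower() not in BANNER_HEADERS or not value:
            continue
        kind = "version string" if VERSION_RE.search(value) else "product name"
        findings.append(f"{name}: '{value}' discloses a {kind}")
    return findings


# Constructed sample responses (hypothetical; not captured from a real host).
BEFORE = """HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
X-Powered-By: Servlet/3.1 JSP/2.3 (Apache Tomcat/9.0.0)
Content-Type: text/html
"""
# Behind an nginx proxy with server_tokens off: the product name still leaks.
PARTIAL = """HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html
"""
# Server header removed entirely: nothing left to flag.
AFTER = """HTTP/1.1 200 OK
Content-Type: text/html
"""

if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("partial", PARTIAL), ("after", AFTER)):
        print(label, audit_banner_headers(parse_raw_headers(raw)) or ["clean"])
```

Note that nginx's `server_tokens off` only shortens its own Server header to "nginx"; removing the header entirely requires the headers-more module (`more_clear_headers Server;`), which is why the constructed "partial" response still produces a finding.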

Related CVEs

CVE-2025-31976 HIGH 7.5 (May 06): Credential exposure in HCL BigFix Service Management (SM) version 23 leaves credentials insufficiently protected for a b…
CVE-2025-31960 MEDIUM 5.3 (May 06): HCL BigFix Service Management (SM) leaks sensitive information through improper error handling in its reporting module.
CVE-2025-31981 MEDIUM 5.3 (Apr 21): HCL BigFix Service Management Discovery accepts unencrypted HTTP traffic on port 80, allowing network-adjacent attackers…
CVE-2025-52613 MEDIUM 4.6 (May 06): HCL BigFix Service Management (SM) contains an insecure or outdated WSGI server implementation that exposes the applicat…
CVE-2025-31978 MEDIUM 4.3 (May 06): HCL BigFix Service Management fails to sanitize spreadsheet data (CSV, XLS, XLSX) before export, allowing authenticated…
CVE-2025-31974 LOW 3.9 (May 06): HCL BigFix Service Management is vulnerable to improper root filesystem configuration, allowing high-privileged authenti…
CVE-2025-31984 LOW 3.7 (May 06): HCL BigFix Service Management lacks secure X-Content-Type-Options HTTP headers, allowing browsers to perform MIME-type s…
CVE-2025-31958 LOW 3.7 (Apr 21): HTTP request smuggling in HCL BigFix Service Management allows remote unauthenticated attackers to exploit HTTP parsing…
CVE-2025-31982 LOW 3.7 (May 06): HCL BigFix Service Management contains unauthenticated-accessible directories that are not linked in the user interface…
CVE-2025-31983 LOW 3.7 (May 06): HCL BigFix Service Management (SM) contains a Content Security Policy (CSP) header misconfiguration that enables cross-s…
CVE-2025-31959 LOW 3.5 (May 06): HCL BigFix Service Management fails to strip EXIF metadata from uploaded images, allowing authenticated users to inadver…
CVE-2025-31957 LOW 2.6 (May 06): HCL BigFix Service Management (SM) contains a cross-site request forgery (CSRF) vulnerability that allows authenticated…


EUVD-2025-209690 vulnerability details – vuln.today
