CVSS 3.7 · LOW
CVE-2025-31983
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting (XSS) and potential exposure of sensitive information.
Ver en NVDSeveridad
Puntaje: 3.7(LOW)
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:LAV: NETWORK
AC: HIGH
PR: LOW
UI: REQUIRED
S: UNCHANGED
C: LOW
I: NONE
A: LOW
Tipo de falla (CWE):
CWE-358EPSS
Sin puntaje EPSS aún (CVE muy reciente).
Afecta
hcltech:bigfix_service_managementDescripción técnica
HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting (XSS) and potential exposure of sensitive information.
Publicada: 6/5/2026, 15:16:07
Última modificación: 6/5/2026, 23:17:39