CVE-2025-31977
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-10-29
Assigner: HCL Software
Description
Description
HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms.Β An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| hcltech | bigfix_service_management | 23.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-311 | The product does not encrypt sensitive or critical information before storage or transmission. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in HCL BigFix SM is due to the use of weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.
How can this vulnerability impact me? :
The vulnerability could allow an attacker to decrypt or manipulate encrypted communications, potentially exposing sensitive information or compromising data integrity during transmission.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70