CVE-2025-31981
Received Received - Intake
Unencrypted Traffic Exposure in HCL BigFix SM Discovery

Publication date: 2026-04-21

Last updated on: 2026-04-22

Assigner: HCL Software

Description
HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.Β  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-21
Last Modified
2026-04-22
Generated
2026-06-16
AI Q&A
2026-04-21
EPSS Evaluated
2026-06-15
NVD
CVE-2025-31981
EUVD
EUVD-2025-209542
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hcltech bigfix_service_management 23.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

HCL BigFix Service Management (SM) Discovery has a vulnerability where encryption is not enforced because port 80 (HTTP) is open. This allows data to be transmitted without encryption.

As a result, an attacker who can access the network traffic can sniff the packets and uncover the data being transmitted.

Impact Analysis

This vulnerability can lead to sensitive data being exposed to attackers who have access to the network traffic.

Since the data is transmitted unencrypted over HTTP, attackers can intercept and read the data, potentially leading to information disclosure.

Detection Guidance

This vulnerability can be detected by checking if port 80 (HTTP) is open and accessible on systems running HCL BigFix Service Management (SM) Discovery. Since the vulnerability involves unenforced encryption due to unencrypted HTTP traffic, monitoring network traffic for unencrypted data on port 80 can help identify exposure.

Commands to detect this include using network scanning tools to check open ports and packet sniffing tools to observe unencrypted traffic:

  • Use nmap to scan for open port 80: nmap -p 80 <target-ip>
  • Use tcpdump or Wireshark to capture and analyze traffic on port 80: tcpdump -i <interface> port 80
Mitigation Strategies

To mitigate this vulnerability, immediate steps include disabling or restricting access to port 80 (HTTP) to prevent unencrypted connections. Enforcing encrypted communication protocols such as HTTPS (port 443) is recommended to protect data in transit.

Additionally, applying any patches or updates provided by HCL for BigFix Service Management (SM) Discovery that address this issue is critical.

Compliance Impact

The vulnerability in HCL BigFix Service Management (SM) Discovery allows unencrypted access over port 80 (HTTP), enabling attackers with network access to sniff and uncover transmitted data.

This lack of enforced encryption can lead to exposure of sensitive information during transmission, which may result in non-compliance with data protection standards and regulations such as GDPR and HIPAA that require protection of data in transit.

Therefore, organizations using this vulnerable service might face increased risk of violating these regulations due to potential data interception and exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-31981. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart