CVE-2025-31977

MEDIUM

HCL BigFix SM - Cryptographic Weakness via Weak Encryption Algorithms

Title source: llm

Description

HCL BigFix SM is affected by cryptographic weakness due to weak or outdated encryption algorithms. An attacker with network access could exploit this weakness to decrypt or manipulate encrypted communications under certain conditions.

References (1)

Core 1

Core References

Vendor Advisory

https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0123631

Scores

CVSS v3 5.3

EPSS 0.0009

EPSS Percentile 0.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-311

Status published

Products (1)

hcltech/bigfix_service_management 23.0

Published Aug 28, 2025

Tracked Since Feb 18, 2026