BigFix Service Management (SM) — Vulnerabilities & Security Advisories 17

All 17 CVE vulnerabilities found in BigFix Service Management (SM), with AI-generated Chinese analysis, references, and POCs.

Vendor: HCL Software

| CVE ID | Title | CWE | CVSS | Severity | Published |
| --- | --- | --- | --- | --- | --- |
| CVE-2024-30151 | HCL BigFix Service Management (SM) is susceptible to Broken Access Control Vulnerability | CWE-532 | 8.3 | High | 2026-05-06 |
| CVE-2025-31960 | HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module | CWE-209 | 5.3 | Medium | 2026-05-06 |
| CVE-2025-31974 | HCL BigFix Service Management (SM) is susceptible to a Root File System Not Mounted as Read-Only | CWE-1188 | 3.9 | Low | 2026-05-06 |
| CVE-2025-31975 | HCL BigFix Service Management (SM) is affected by an Information Disclosure – Server Banner issue was identified. | CWE-200 | 2.6 | Low | 2026-05-06 |
| CVE-2025-52613 | HCL BigFix Service Management (SM) is affected by use of a vulnerable component | CWE-200 | 4.6 | Medium | 2026-05-06 |
| CVE-2025-31976 | HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials | CWE-200 | 4.8 | Medium | 2026-05-06 |
| CVE-2025-31978 | HCL BigFix Service Management (SM) does not adequately sanitize or safely render | CWE-201 | 4.6 | Medium | 2026-05-06 |
| CVE-2025-31959 | HCL BigFix Service Management (SM) application fails to strip EXIF metadata from uploaded images. | CWE-1230 | 3.5 | Low | 2026-05-06 |
| CVE-2025-31982 | HCL BigFix Service Management (SM) had directories that were not linked or publicly visible but could be accessed directl | CWE-200 | 3.7 | Low | 2026-05-06 |
| CVE-2025-31984 | HCL BigFix Service Management (SM) is affected by a security misconfiguration due to a missing or insecure “X-Content-Type-Options” header | CWE-200 | 3.7 | Low | 2026-05-06 |
| CVE-2025-31983 | HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header | CWE-358 | 3.7 | Low | 2026-05-06 |
| CVE-2025-31957 | HCL BigFix Service Management (SM) is affected by a Cross‑Site Request Forgery (CSRF) vulnerability. | CWE-352 | 2.6 | Low | 2026-05-06 |
| CVE-2025-31981 | HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption | CWE-319 | 5.3 | Medium | 2026-04-21 |
| CVE-2025-31958 | HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling | CWE-444 | 3.7 | Low | 2026-04-21 |
| CVE-2025-31979 | A File Upload Validation Bypass vulnerability has been identified in the HCL BigFix Service Management (SM) | CWE-434 | 5.4 | Medium | 2025-08-28 |
| CVE-2025-31977 | A cryptographic weakness has been identified in the HCL BigFix Service Management (SM) | CWE-311 | 5.3 | Medium | 2025-08-28 |
| CVE-2025-31972 | HCL BigFix Service Management (SM) is affected by a Sensitive Information Exposure vulnerability | CWE-319 | 6.5 | Medium | 2025-08-28 |

All 17 known CVE vulnerabilities affecting BigFix Service Management (SM) with full Chinese analysis, references, and POCs where available.