{"api_version":"1","generated_at":"2026-04-22T21:39:07+00:00","cve":"CVE-2025-31981","urls":{"html":"https://cve.report/CVE-2025-31981","api":"https://cve.report/api/cve/CVE-2025-31981.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-31981","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-31981"},"summary":{"title":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption","description":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.","state":"PUBLISHED","assigner":"HCL","published_at":"2026-04-21 15:16:35","updated_at":"2026-04-22 15:09:37"},"problem_types":["CWE-319","CWE-319 CWE-319 Cleartext transmission of sensitive information"],"metrics":[{"version":"3.1","source":"psirt@hcl.com","type":"Secondary","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"5.3","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","data":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"}}],"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127605","name":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127605","refsource":"psirt@hcl.com","tags":["Vendor Advisory"],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-31981","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-31981","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"HCLSoftware","product":"BigFix Service Management (SM)","version":"affected 23","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2025","cve_id":"31981","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"hcltech","cpe5":"bigfix_service_management","cpe6":"23.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-31981","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2026-04-21T19:28:07.221158Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2026-04-21T19:28:19.397Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"defaultStatus":"unaffected","product":"BigFix Service Management (SM)","vendor":"HCLSoftware","versions":[{"status":"affected","version":"23"}]}],"datePublic":"2026-04-20T13:55:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data. "}],"value":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data."}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.3,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-319","description":"CWE-319 Cleartext transmission of sensitive information","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-21T14:28:24.452Z","orgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","shortName":"HCL"},"references":[{"url":"https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0127605"}],"source":{"discovery":"UNKNOWN"},"title":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption","x_generator":{"engine":"Vulnogram 1.0.0"}}},"cveMetadata":{"assignerOrgId":"1e47fe04-f25f-42fa-b674-36de2c5e3cfc","assignerShortName":"HCL","cveId":"CVE-2025-31981","datePublished":"2026-04-21T14:26:39.400Z","dateReserved":"2025-04-01T18:46:33.655Z","dateUpdated":"2026-04-21T19:28:19.397Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2026-04-21 15:16:35","lastModifiedDate":"2026-04-22 15:09:37","problem_types":["CWE-319","CWE-319 CWE-319 Cleartext transmission of sensitive information"],"metrics":{"cvssMetricV31":[{"source":"psirt@hcl.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hcltech:bigfix_service_management:23.0:*:*:*:*:*:*:*","matchCriteriaId":"4D915AC1-7C2B-497D-9A77-9726954B2282"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"31981","Ordinal":"1","Title":"HCL BigFix Service Management (SM) Discovery is vulnerable to un","CVE":"CVE-2025-31981","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"31981","Ordinal":"1","NoteData":"HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access.  An attacker with access to the network traffic can sniff packets from the connection and uncover the data.","Type":"Description","Title":"HCL BigFix Service Management (SM) Discovery is vulnerable to un"}]}}}